Re-exports§
pub use rustls;
Structs§
- AllowAll - AllowAll will allow all public certificates to be validated; it fails open.
- AllowPublicKeys - AllowPublicKeys restricts keys to those that are found in the member set. Non-members will not be allowed.
- ClientCertVerifier - A rustls::server::ClientCertVerifier that will ensure that every client provides a valid, expected certificate and that the client's public key is in the validator set.
- SelfSignedCertificate
- ServerCertVerifier - A rustls::client::ServerCertVerifier that ensures the client only connects with the expected server.
- TlsAcceptor - An Acceptor that will provide TlsConnectionInfo as an axum Extension for use in handlers.
- TlsConnectionInfo
Constants§
Traits§
- Allower - The Allower trait provides an interface for callers to inject decisions about whether to allow a cert to be verified or not. It does not perform actual cert validation; it only acts as a gatekeeper that decides whether verification should even be attempted. For example, we may want to filter our actions to well-known public keys.
Functions§
- create_rustls_client_config
- create_rustls_server_config
- create_rustls_server_config_with_client_verifier - Create a TLS server config which requires mTLS, i.e. the client must also provide a cert and be verified by the server based on the provided policy.
- public_key_from_certificate - Extracts the public key from a certificate.