mirror of
https://github.com/actix/actix-website
synced 2025-03-20 14:45:18 +01:00
docs: use rustls in http/2 example
This commit is contained in:
parent
7c063e890f
commit
2f9e49c622
@ -10,16 +10,11 @@ import RenderCodeBlock from '@theme/CodeBlock'; import CodeBlock from '@site/src
|
|||||||
|
|
||||||
<!-- TODO: use rustls example -->
|
<!-- TODO: use rustls example -->
|
||||||
|
|
||||||
When either of the `rustls` or `openssl` features are enabled, `HttpServer` provides the [bind_rustls][bindrustls] method and [bind_openssl][bindopenssl] methods, respectively.
|
When either of the `rustls` or `openssl` features are enabled, `HttpServer` provides the [`bind_rustls()`][bindrustls] method and [`bind_openssl()`][bindopenssl] methods, respectively.
|
||||||
|
|
||||||
<!-- DEPENDENCY -->
|
<!-- DEPENDENCY -->
|
||||||
|
|
||||||
<RenderCodeBlock className="language-toml">
|
<CodeBlock example="http2" file="manifest" section="deps" language="toml"></CodeBlock>
|
||||||
{`[dependencies]
|
|
||||||
actix-web = { version = "${actixWebMajorVersion}", features = ["openssl"] }
|
|
||||||
openssl = { version = "0.10", features = ["v110"] }
|
|
||||||
`}
|
|
||||||
</RenderCodeBlock>
|
|
||||||
|
|
||||||
<CodeBlock example="http2" file="main.rs" section="main" />
|
<CodeBlock example="http2" file="main.rs" section="main" />
|
||||||
|
|
||||||
@ -29,7 +24,7 @@ Upgrades to HTTP/2 described in [RFC 7540 §3.2][rfcsection32] are not supported
|
|||||||
|
|
||||||
[rfcsection32]: https://httpwg.org/specs/rfc7540.html#rfc.section.3.2
|
[rfcsection32]: https://httpwg.org/specs/rfc7540.html#rfc.section.3.2
|
||||||
[rfcsection34]: https://httpwg.org/specs/rfc7540.html#rfc.section.3.4
|
[rfcsection34]: https://httpwg.org/specs/rfc7540.html#rfc.section.3.4
|
||||||
[bindrustls]: https://docs.rs/actix-web/4/actix_web/struct.HttpServer.html#method.bind_rustls
|
[bindrustls]: https://docs.rs/actix-web/4/actix_web/struct.HttpServer.html#method.bind_rustls_0_22
|
||||||
[bindopenssl]: https://docs.rs/actix-web/4/actix_web/struct.HttpServer.html#method.bind_openssl
|
[bindopenssl]: https://docs.rs/actix-web/4/actix_web/struct.HttpServer.html#method.bind_openssl
|
||||||
[tlsalpn]: https://tools.ietf.org/html/rfc7301
|
[tlsalpn]: https://tools.ietf.org/html/rfc7301
|
||||||
[examples]: https://github.com/actix/examples/tree/master/https-tls
|
[examples]: https://github.com/actix/examples/tree/master/https-tls
|
||||||
|
@ -4,6 +4,9 @@ version = "1.0.0"
|
|||||||
publish = false
|
publish = false
|
||||||
edition.workspace = true
|
edition.workspace = true
|
||||||
|
|
||||||
|
# <deps>
|
||||||
[dependencies]
|
[dependencies]
|
||||||
actix-web = { version = "4", features = ["openssl"] }
|
actix-web = { version = "4", features = ["rustls-0_22"] }
|
||||||
openssl = { version = "0.10", features = ["v110"] }
|
rustls = "0.22"
|
||||||
|
rustls-pemfile = "2"
|
||||||
|
# </deps>
|
||||||
|
@ -1,24 +1,36 @@
|
|||||||
|
use std::{fs::File, io::BufReader};
|
||||||
|
|
||||||
// <main>
|
// <main>
|
||||||
use actix_web::{web, App, HttpRequest, HttpServer, Responder};
|
use actix_web::{web, App, HttpRequest, HttpServer, Responder};
|
||||||
use openssl::ssl::{SslAcceptor, SslFiletype, SslMethod};
|
|
||||||
|
|
||||||
async fn index(_req: HttpRequest) -> impl Responder {
|
async fn index(_req: HttpRequest) -> impl Responder {
|
||||||
"Hello."
|
"Hello TLS World!"
|
||||||
}
|
}
|
||||||
|
|
||||||
#[actix_web::main]
|
#[actix_web::main]
|
||||||
async fn main() -> std::io::Result<()> {
|
async fn main() -> std::io::Result<()> {
|
||||||
// load TLS keys
|
let mut certs_file = BufReader::new(File::open("cert.pem").unwrap());
|
||||||
|
let mut key_file = BufReader::new(File::open("key.pem").unwrap());
|
||||||
|
|
||||||
|
// load TLS certs and key
|
||||||
// to create a self-signed temporary cert for testing:
|
// to create a self-signed temporary cert for testing:
|
||||||
// `openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365 -subj '/CN=localhost'`
|
// `openssl req -x509 -newkey rsa:4096 -nodes -keyout key.pem -out cert.pem -days 365 -subj '/CN=localhost'`
|
||||||
let mut builder = SslAcceptor::mozilla_intermediate(SslMethod::tls()).unwrap();
|
let tls_certs = rustls_pemfile::certs(&mut certs_file)
|
||||||
builder
|
.collect::<Result<Vec<_>, _>>()
|
||||||
.set_private_key_file("key.pem", SslFiletype::PEM)
|
.unwrap();
|
||||||
|
let tls_key = rustls_pemfile::pkcs8_private_keys(&mut key_file)
|
||||||
|
.next()
|
||||||
|
.unwrap()
|
||||||
|
.unwrap();
|
||||||
|
|
||||||
|
// set up TLS config options
|
||||||
|
let tls_config = rustls::ServerConfig::builder()
|
||||||
|
.with_no_client_auth()
|
||||||
|
.with_single_cert(tls_certs, rustls::pki_types::PrivateKeyDer::Pkcs8(tls_key))
|
||||||
.unwrap();
|
.unwrap();
|
||||||
builder.set_certificate_chain_file("cert.pem").unwrap();
|
|
||||||
|
|
||||||
HttpServer::new(|| App::new().route("/", web::get().to(index)))
|
HttpServer::new(|| App::new().route("/", web::get().to(index)))
|
||||||
.bind_openssl("127.0.0.1:8080", builder)?
|
.bind_rustls_0_22(("127.0.0.1", 8443), tls_config)?
|
||||||
.run()
|
.run()
|
||||||
.await
|
.await
|
||||||
}
|
}
|
||||||
|
Loading…
x
Reference in New Issue
Block a user