2023-05-22 14:21:48 +01:00
# HTTPS Server using OpenSSL
2018-04-13 09:18:42 +08:00
## Usage
2023-05-22 14:06:04 +01:00
### Generating Trusted Certificate
2020-05-19 12:46:00 +09:00
2023-05-22 14:06:04 +01:00
We put self-signed certificate in this directory as an example but your browser will complain that connections to the server aren't secure. We recommend to use [`mkcert` ] to trust it. To use a local CA, you should run:
2020-05-19 12:46:00 +09:00
2022-02-18 03:36:04 +00:00
```sh
2020-05-19 12:46:00 +09:00
mkcert -install
```
2023-05-22 14:06:04 +01:00
If you want to generate your own private key/certificate pair, then run:
2020-05-19 12:46:00 +09:00
2022-02-18 03:36:04 +00:00
```sh
2023-05-22 14:18:07 +01:00
mkcert -key-file key.pem -cert-file cert.pem 127.0.0.1 localhost
2020-05-19 12:46:00 +09:00
```
2023-05-22 14:06:04 +01:00
A new `key.pem` and `cert.pem` will be saved to the current directory. You will then need to modify `main.rs` where indicated.
2020-05-19 12:46:00 +09:00
2023-05-22 14:06:04 +01:00
### Running Server
2018-04-13 09:18:42 +08:00
2023-05-22 14:06:04 +01:00
```console
2023-12-29 20:25:15 +08:00
$ cd https-tls/openssl
2023-05-22 14:06:04 +01:00
$ cargo run # (or `cargo watch -x run` )
starting HTTPS server at 127.0.0.1:8443
2018-04-13 09:18:42 +08:00
```
2023-05-22 14:06:04 +01:00
### Using Client
- curl: `curl -vk https://127.0.0.1:8443`
- curl (forced HTTP/1.1): `curl -vk --http1.1 https://127.0.0.1:8443`
- browser: < https: // 127 . 0 . 0 . 1:8443 >
## Self-Signed Encrypted Private Key Command
2018-04-13 09:18:42 +08:00
2023-05-22 14:06:04 +01:00
```sh
openssl req -x509 -newkey rsa:4096 -keyout key-pass.pem -out cert-pass.pem -sha256 -days 365
```
[`mkcert` ]: https://github.com/FiloSottile/mkcert