mirror of
https://github.com/actix/examples
synced 2024-12-02 18:02:22 +01:00
35 lines
851 B
Markdown
35 lines
851 B
Markdown
|
# Access Client Certificate (via Rustls)
|
||
|
|
||
|
## Usage
|
||
|
|
||
|
### Certificate
|
||
|
|
||
|
All the self-signed certificate are in the ./certs directory, including the CA certificate
|
||
|
generated by [`mkcert`] that was used to create the server and client certs.
|
||
|
|
||
|
### Server
|
||
|
|
||
|
```sh
|
||
|
cd examples/rustls-client-cert
|
||
|
cargo run
|
||
|
```
|
||
|
|
||
|
The server runs HTTP on port 8080 and HTTPS on port 8443.
|
||
|
|
||
|
### Providing Client Cert
|
||
|
|
||
|
Using [HTTPie]:
|
||
|
```sh
|
||
|
# `--verify=false` used because HTTPie doesn't have an option to provide the CA cert
|
||
|
http https://127.0.0.1:8443/ --verify=false --cert=certs/client-cert.pem --cert-key=certs/client-key.pem
|
||
|
```
|
||
|
|
||
|
Using [cURL]:
|
||
|
```sh
|
||
|
curl https://127.0.0.1:8443/ --cacert certs/rootCA.pem --cert certs/client-cert.pem --key certs/client-key.pem
|
||
|
```
|
||
|
|
||
|
[`mkcert`]: https://github.com/FiloSottile/mkcert
|
||
|
[cURL]: https://curl.haxx.se/
|
||
|
[HTTPie]: https://httpie.org/
|