mirror of
https://github.com/actix/examples
synced 2025-04-22 08:34:52 +02:00
Simplify rustls example
This commit is contained in:
Olivier Guittonneau
parent
c0c3efddc8
commit
60c8160d6a
1
Cargo.lock
generated
1
Cargo.lock
generated
@ -7006,7 +7006,6 @@ dependencies = [
|
|||||||
"env_logger",
|
"env_logger",
|
||||||
"log",
|
"log",
|
||||||
"rustls 0.23.25",
|
"rustls 0.23.25",
|
||||||
"rustls-pemfile 2.2.0",
|
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
|
|||||||
@ -10,4 +10,3 @@ actix-files.workspace = true
|
|||||||
env_logger.workspace = true
|
env_logger.workspace = true
|
||||||
log.workspace = true
|
log.workspace = true
|
||||||
rustls.workspace = true
|
rustls.workspace = true
|
||||||
rustls-pemfile.workspace = true
|
|
||||||
|
|||||||
@ -1,12 +1,12 @@
|
|||||||
use std::{fs::File, io::BufReader};
|
|
||||||
|
|
||||||
use actix_files::Files;
|
use actix_files::Files;
|
||||||
use actix_web::{
|
use actix_web::{
|
||||||
App, HttpRequest, HttpResponse, HttpServer, http::header::ContentType, middleware, web,
|
App, HttpRequest, HttpResponse, HttpServer, http::header::ContentType, middleware, web,
|
||||||
};
|
};
|
||||||
use log::debug;
|
use log::debug;
|
||||||
use rustls::{ServerConfig, pki_types::PrivateKeyDer};
|
use rustls::{
|
||||||
use rustls_pemfile::{certs, pkcs8_private_keys};
|
ServerConfig,
|
||||||
|
pki_types::{CertificateDer, PrivateKeyDer, pem::PemObject},
|
||||||
|
};
|
||||||
|
|
||||||
/// simple handle
|
/// simple handle
|
||||||
async fn index(req: HttpRequest) -> HttpResponse {
|
async fn index(req: HttpRequest) -> HttpResponse {
|
||||||
@ -46,25 +46,17 @@ fn load_rustls_config() -> rustls::ServerConfig {
|
|||||||
.install_default()
|
.install_default()
|
||||||
.unwrap();
|
.unwrap();
|
||||||
|
|
||||||
// init server config builder with safe defaults
|
|
||||||
let config = ServerConfig::builder().with_no_client_auth();
|
|
||||||
|
|
||||||
// load TLS key/cert files
|
// load TLS key/cert files
|
||||||
let cert_file = &mut BufReader::new(File::open("cert.pem").unwrap());
|
let cert_chain = CertificateDer::pem_file_iter("cert.pem")
|
||||||
let key_file = &mut BufReader::new(File::open("key.pem").unwrap());
|
.unwrap()
|
||||||
|
.flatten()
|
||||||
|
.collect();
|
||||||
|
|
||||||
// convert files to key/cert objects
|
let key_der =
|
||||||
let cert_chain = certs(cert_file).collect::<Result<Vec<_>, _>>().unwrap();
|
PrivateKeyDer::from_pem_file("key.pem").expect("Could not locate PKCS 8 private keys.");
|
||||||
let mut keys = pkcs8_private_keys(key_file)
|
|
||||||
.map(|key| key.map(PrivateKeyDer::Pkcs8))
|
|
||||||
.collect::<Result<Vec<_>, _>>()
|
|
||||||
.unwrap();
|
|
||||||
|
|
||||||
// exit if no keys could be parsed
|
ServerConfig::builder()
|
||||||
if keys.is_empty() {
|
.with_no_client_auth()
|
||||||
eprintln!("Could not locate PKCS 8 private keys.");
|
.with_single_cert(cert_chain, key_der)
|
||||||
std::process::exit(1);
|
.unwrap()
|
||||||
}
|
|
||||||
|
|
||||||
config.with_single_cert(cert_chain, keys.remove(0)).unwrap()
|
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user