diff --git a/Cargo.lock b/Cargo.lock index 5515e46d..27097f12 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1990,7 +1990,7 @@ dependencies = [ "parking_lot 0.12.1", "rustls 0.21.10", "rustls-pemfile", - "tokio 1.35.1", + "tokio 1.36.0", ] [[package]] diff --git a/https-tls/cert-watch/README.md b/https-tls/cert-watch/README.md index f2452e9e..6ff3ae2a 100644 --- a/https-tls/cert-watch/README.md +++ b/https-tls/cert-watch/README.md @@ -32,7 +32,9 @@ $ touch cert.pem ### Client +- [HTTPie]: `http --verify=no :8443` - cURL: `curl -v --insecure https://127.0.0.1:8443` -- Browser: go to +- Browser: navigate to [`mkcert`]: https://github.com/FiloSottile/mkcert +[httpie]: https://httpie.io/cli diff --git a/https-tls/cert-watch/src/main.rs b/https-tls/cert-watch/src/main.rs index a686bfe4..8d18582d 100644 --- a/https-tls/cert-watch/src/main.rs +++ b/https-tls/cert-watch/src/main.rs @@ -54,7 +54,7 @@ async fn main() -> eyre::Result<()> { // loop reloads on TLS changes and exits on normal ctrl-c (etc.) signals loop { // load TLS cert/key files and - let config = load_rustls_config(); + let config = load_rustls_config()?; log::info!("starting HTTPS server at https://localhost:8443"); @@ -97,24 +97,19 @@ async fn main() -> eyre::Result<()> { Ok(()) } -fn load_rustls_config() -> rustls::ServerConfig { +fn load_rustls_config() -> eyre::Result { // init server config builder with safe defaults let config = ServerConfig::builder() .with_safe_defaults() .with_no_client_auth(); // load TLS key/cert files - let cert_file = &mut BufReader::new(File::open("cert.pem").unwrap()); - let key_file = &mut BufReader::new(File::open("key.pem").unwrap()); + let cert_file = &mut BufReader::new(File::open("cert.pem")?); + let key_file = &mut BufReader::new(File::open("key.pem")?); // convert files to key/cert objects - let cert_chain = certs(cert_file) - .unwrap() - .into_iter() - .map(Certificate) - .collect(); - let mut keys: Vec = pkcs8_private_keys(key_file) - .unwrap() + let cert_chain = certs(cert_file)?.into_iter().map(Certificate).collect(); + let mut keys: Vec = pkcs8_private_keys(key_file)? .into_iter() .map(PrivateKey) .collect(); @@ -125,5 +120,5 @@ fn load_rustls_config() -> rustls::ServerConfig { std::process::exit(1); } - config.with_single_cert(cert_chain, keys.remove(0)).unwrap() + Ok(config.with_single_cert(cert_chain, keys.remove(0))?) }