1
0
mirror of https://github.com/actix/examples synced 2024-11-27 16:02:57 +01:00

chore(cert-watch): better error handling

This commit is contained in:
Rob Ede 2024-02-06 02:55:39 +00:00
parent 183c924220
commit 7f20870e0f
No known key found for this signature in database
GPG Key ID: 97C636207D3EF933
3 changed files with 11 additions and 14 deletions

2
Cargo.lock generated
View File

@ -1990,7 +1990,7 @@ dependencies = [
"parking_lot 0.12.1",
"rustls 0.21.10",
"rustls-pemfile",
"tokio 1.35.1",
"tokio 1.36.0",
]
[[package]]

View File

@ -32,7 +32,9 @@ $ touch cert.pem
### Client
- [HTTPie]: `http --verify=no :8443`
- cURL: `curl -v --insecure https://127.0.0.1:8443`
- Browser: go to <https://127.0.0.1:8443>
- Browser: navigate to <https://127.0.0.1:8443>
[`mkcert`]: https://github.com/FiloSottile/mkcert
[httpie]: https://httpie.io/cli

View File

@ -54,7 +54,7 @@ async fn main() -> eyre::Result<()> {
// loop reloads on TLS changes and exits on normal ctrl-c (etc.) signals
loop {
// load TLS cert/key files and
let config = load_rustls_config();
let config = load_rustls_config()?;
log::info!("starting HTTPS server at https://localhost:8443");
@ -97,24 +97,19 @@ async fn main() -> eyre::Result<()> {
Ok(())
}
fn load_rustls_config() -> rustls::ServerConfig {
fn load_rustls_config() -> eyre::Result<rustls::ServerConfig> {
// init server config builder with safe defaults
let config = ServerConfig::builder()
.with_safe_defaults()
.with_no_client_auth();
// load TLS key/cert files
let cert_file = &mut BufReader::new(File::open("cert.pem").unwrap());
let key_file = &mut BufReader::new(File::open("key.pem").unwrap());
let cert_file = &mut BufReader::new(File::open("cert.pem")?);
let key_file = &mut BufReader::new(File::open("key.pem")?);
// convert files to key/cert objects
let cert_chain = certs(cert_file)
.unwrap()
.into_iter()
.map(Certificate)
.collect();
let mut keys: Vec<PrivateKey> = pkcs8_private_keys(key_file)
.unwrap()
let cert_chain = certs(cert_file)?.into_iter().map(Certificate).collect();
let mut keys: Vec<PrivateKey> = pkcs8_private_keys(key_file)?
.into_iter()
.map(PrivateKey)
.collect();
@ -125,5 +120,5 @@ fn load_rustls_config() -> rustls::ServerConfig {
std::process::exit(1);
}
config.with_single_cert(cert_chain, keys.remove(0)).unwrap()
Ok(config.with_single_cert(cert_chain, keys.remove(0))?)
}