1
0
mirror of https://github.com/actix/examples synced 2024-11-27 16:02:57 +01:00

Fix rustls example to support pkcs8 keys (#347)

This commit is contained in:
Max 2020-10-25 20:12:33 +03:00 committed by GitHub
parent 5573e5fd34
commit 9c9db0de55
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 6 deletions

View File

@ -15,12 +15,13 @@ mkcert -install
If you want to generate your own cert/private key file, then run: If you want to generate your own cert/private key file, then run:
```bash ```bash
mkcert 127.0.0.1 mkcert 127.0.0.1 localhost
``` ```
If your key doesn't work, convert it to rsa: For `rsa` keys use `rsa_private_keys` function instead `pkcs8_private_keys`
```bash ```
openssl rsa -in key.pem -out key-rsa.pem let mut keys = pkcs8_private_keys(key_file).unwrap(); // pkcs8
let mut keys = rsa_private_keys(key_file).unwrap(); // rsa
``` ```
[`mkcert`]: https://github.com/FiloSottile/mkcert [`mkcert`]: https://github.com/FiloSottile/mkcert

View File

@ -3,7 +3,7 @@ use std::io::BufReader;
use actix_files::Files; use actix_files::Files;
use actix_web::{middleware, web, App, HttpRequest, HttpResponse, HttpServer}; use actix_web::{middleware, web, App, HttpRequest, HttpResponse, HttpServer};
use rustls::internal::pemfile::{certs, rsa_private_keys}; use rustls::internal::pemfile::{certs, pkcs8_private_keys};
use rustls::{NoClientAuth, ServerConfig}; use rustls::{NoClientAuth, ServerConfig};
/// simple handle /// simple handle
@ -28,7 +28,7 @@ async fn main() -> std::io::Result<()> {
let cert_file = &mut BufReader::new(File::open("cert.pem").unwrap()); let cert_file = &mut BufReader::new(File::open("cert.pem").unwrap());
let key_file = &mut BufReader::new(File::open("key.pem").unwrap()); let key_file = &mut BufReader::new(File::open("key.pem").unwrap());
let cert_chain = certs(cert_file).unwrap(); let cert_chain = certs(cert_file).unwrap();
let mut keys = rsa_private_keys(key_file).unwrap(); let mut keys = pkcs8_private_keys(key_file).unwrap();
config.set_single_cert(cert_chain, keys.remove(0)).unwrap(); config.set_single_cert(cert_chain, keys.remove(0)).unwrap();
HttpServer::new(|| { HttpServer::new(|| {