From a554e6467e4f33c06f0cd5ab81993a3b7afe3da6 Mon Sep 17 00:00:00 2001
From: Olivier Guittonneau <o.guittonneau@fractalenergy.io>
Date: Thu, 3 Apr 2025 17:59:14 +0200
Subject: [PATCH] Simplify acme-letsencrypt example

---
 Cargo.lock                             | 1 -
 https-tls/acme-letsencrypt/Cargo.toml  | 1 -
 https-tls/acme-letsencrypt/src/main.rs | 9 ++++-----
 3 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index cdaf81c3..53f52178 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -8410,7 +8410,6 @@ dependencies = [
  "eyre",
  "log",
  "rustls 0.23.25",
- "rustls-pemfile 2.2.0",
  "tokio",
 ]
 
diff --git a/https-tls/acme-letsencrypt/Cargo.toml b/https-tls/acme-letsencrypt/Cargo.toml
index 94c82950..cb163c30 100644
--- a/https-tls/acme-letsencrypt/Cargo.toml
+++ b/https-tls/acme-letsencrypt/Cargo.toml
@@ -12,5 +12,4 @@ env_logger.workspace = true
 eyre.workspace = true
 log.workspace = true
 rustls.workspace = true
-rustls-pemfile.workspace = true
 tokio = { workspace = true, features = ["fs"] }
diff --git a/https-tls/acme-letsencrypt/src/main.rs b/https-tls/acme-letsencrypt/src/main.rs
index 0402f059..7eac1d63 100644
--- a/https-tls/acme-letsencrypt/src/main.rs
+++ b/https-tls/acme-letsencrypt/src/main.rs
@@ -4,7 +4,7 @@ use acme::{Certificate, Directory, DirectoryUrl, create_p256_key};
 use actix_files::Files;
 use actix_web::{App, HttpRequest, HttpServer, Responder, rt, web};
 use eyre::eyre;
-use rustls::pki_types::{PrivateKeyDer, PrivatePkcs8KeyDer};
+use rustls::pki_types::{CertificateDer, PrivateKeyDer, PrivatePkcs8KeyDer, pem::PemObject};
 use tokio::fs;
 
 const CHALLENGE_DIR: &str = "./acme-challenges";
@@ -188,10 +188,9 @@ fn load_rustls_config(cert: Certificate) -> eyre::Result<rustls::ServerConfig> {
     let private_key = PrivateKeyDer::Pkcs8(PrivatePkcs8KeyDer::from(cert.private_key_der()?));
 
     // convert ACME-obtained certificate chain
-    let cert_chain =
-        rustls_pemfile::certs(&mut std::io::BufReader::new(cert.certificate().as_bytes()))
-            .collect::<Result<Vec<_>, _>>()
-            .unwrap();
+    let cert_chain = CertificateDer::pem_slice_iter(cert.certificate().as_bytes())
+        .flatten()
+        .collect();
 
     Ok(config.with_single_cert(cert_chain, private_key)?)
 }