use std::{fs::File, io::BufReader}; use actix_files::Files; use actix_web::{ http::header::ContentType, middleware, web, App, HttpRequest, HttpResponse, HttpServer, }; use actix_web_lab::web::redirect; use log::debug; use rustls::{Certificate, PrivateKey, ServerConfig}; use rustls_pemfile::{certs, pkcs8_private_keys}; /// simple handle async fn index(req: HttpRequest) -> HttpResponse { debug!("{req:?}"); HttpResponse::Ok().content_type(ContentType::html()).body( "\

Welcome to your TLS-secured homepage!

\ ", ) } #[actix_web::main] async fn main() -> std::io::Result<()> { env_logger::init_from_env(env_logger::Env::default().default_filter_or("info")); let config = load_rustls_config(); log::info!("starting HTTPS server at http://localhost:8443"); HttpServer::new(|| { App::new() // enable logger .wrap(middleware::Logger::default()) // register simple handler, handle all methods .service(web::resource("/index.html").to(index)) .service(redirect("/", "/index.html")) .service(Files::new("/static", "static")) }) .bind_rustls("127.0.0.1:8443", config)? .run() .await } fn load_rustls_config() -> rustls::ServerConfig { // init server config builder with safe defaults let config = ServerConfig::builder() .with_safe_defaults() .with_no_client_auth(); // load TLS key/cert files let cert_file = &mut BufReader::new(File::open("cert.pem").unwrap()); let key_file = &mut BufReader::new(File::open("key.pem").unwrap()); // convert files to key/cert objects let cert_chain = certs(cert_file) .unwrap() .into_iter() .map(Certificate) .collect(); let mut keys: Vec = pkcs8_private_keys(key_file) .unwrap() .into_iter() .map(PrivateKey) .collect(); // exit if no keys could be parsed if keys.is_empty() { eprintln!("Could not locate PKCS 8 private keys."); std::process::exit(1); } config.with_single_cert(cert_chain, keys.remove(0)).unwrap() }