# TLS / HTTPS (via Rustls) ## Usage ### Certificate We put the self-signed certificate in this directory as an example but your browser would complain that it isn't secure. So we recommend to use [`mkcert`] to trust it. To use local CA, you should run: ```bash mkcert -install ``` If you want to generate your own cert/private key file, then run: ```bash mkcert 127.0.0.1 localhost ``` For `rsa` keys use `rsa_private_keys` function instead `pkcs8_private_keys` ``` let mut keys = pkcs8_private_keys(key_file).unwrap(); // pkcs8 let mut keys = rsa_private_keys(key_file).unwrap(); // rsa ``` [`mkcert`]: https://github.com/FiloSottile/mkcert ### Running the Example Server ```bash cd security/rustls cargo run # (or ``cargo watch -x run``) # Started http server: 127.0.0.1:8443 ``` If you prefer reloading you can substitute `cargo watch -x run`. That requires you install the `cargo-watch` crate. ### web client - curl: ``curl -v https://127.0.0.1:8443/index.html --compressed -k`` - browser: [https://127.0.0.1:8443/index.html](https://127.0.0.1:8443/index.html)