Struct tokio_native_tls::native_tls::Identity
pub struct Identity(/* private fields */);
A cryptographic identity.
An identity is an X509 certificate along with its corresponding private key and chain of certificates to a trusted root.
Implementations
impl Identity
pub fn from_pkcs12(der: &[u8], password: &str) -> Result<Identity, Error>
Parses a DER-formatted PKCS #12 archive, using the specified password to decrypt the key.
The archive should contain a leaf certificate and its private key, as well as any intermediate certificates that should be sent to clients to allow them to build a chain to a trusted root. The chain certificates should be in order from the leaf certificate towards the root.
PKCS #12 archives typically have the file extension .p12 or .pfx, and can be created with the OpenSSL pkcs12 tool:
openssl pkcs12 -export -out identity.pfx -inkey key.pem -in cert.pem -certfile chain_certs.pem
pub fn from_pkcs8(pem: &[u8], key: &[u8]) -> Result<Identity, Error>
Parses a chain of PEM encoded X509 certificates, with the leaf certificate first.
key is a PEM encoded PKCS #8 formatted private key for the leaf certificate.
The certificate chain should contain any intermediate certificates that should be sent to clients to allow them to build a chain to a trusted root.
A certificate chain here means a series of PEM encoded certificates concatenated together.
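A pre-flight check on the two from_pkcs8 inputs, as an added example that is not part of the native-tls crate or its documentation. The helper names pem_labels and check_pkcs8_inputs are hypothetical; the code inspects PEM labels only (it does not decode DER or verify the chain) and catches the common case of a PKCS #1 or SEC1 key, or key material in the chain file, before the call is made:

```rust
// Pre-flight check on the chain and key PEM passed to Identity::from_pkcs8.
// Std-only: inspects PEM labels, does not parse DER or verify signatures.

/// Collect the labels of all `-----BEGIN <label>-----` blocks, in order.
fn pem_labels(pem: &str) -> Result<Vec<String>, String> {
    let mut labels = Vec::new();
    let mut open: Option<String> = None;
    for line in pem.lines().map(str::trim) {
        if let Some(l) = line.strip_prefix("-----BEGIN ").and_then(|r| r.strip_suffix("-----")) {
            if open.is_some() { return Err(format!("nested BEGIN {l}")); }
            open = Some(l.to_string());
        } else if let Some(l) = line.strip_prefix("-----END ").and_then(|r| r.strip_suffix("-----")) {
            match open.take() {
                Some(ref o) if o == l => labels.push(l.to_string()),
                _ => return Err(format!("unmatched END {l}")),
            }
        }
    }
    match open { Some(o) => Err(format!("unterminated block {o}")), None => Ok(labels) }
}

/// Returns the number of certificates if the chain holds only certificates
/// and the key is a single unencrypted PKCS #8 block.
fn check_pkcs8_inputs(chain_pem: &str, key_pem: &str) -> Result<usize, String> {
    let chain = pem_labels(chain_pem)?;
    if chain.is_empty() { return Err("chain has no PEM blocks".into()); }
    if let Some(bad) = chain.iter().find(|l| *l != "CERTIFICATE") {
        return Err(format!("chain contains non-certificate block: {bad}"));
    }
    let key = pem_labels(key_pem)?;
    match key.as_slice() {
        [l] if l == "PRIVATE KEY" => Ok(chain.len()),
        [l] if l == "RSA PRIVATE KEY" => Err("key is PKCS #1; convert to PKCS #8".into()),
        [l] if l == "EC PRIVATE KEY" => Err("key is SEC1; convert to PKCS #8".into()),
        [l] if l == "ENCRYPTED PRIVATE KEY" => Err("key is encrypted; from_pkcs8 takes no password".into()),
        [l] => Err(format!("unexpected key block: {l}")),
        _ => Err(format!("expected one key block, found {}", key.len())),
    }
}

fn main() {
    // Constructed sample input: bodies are placeholders, only the labels matter here.
    let chain = "-----BEGIN CERTIFICATE-----\nAAAA\n-----END CERTIFICATE-----\n\
                 -----BEGIN CERTIFICATE-----\nBBBB\n-----END CERTIFICATE-----\n";
    let key = "-----BEGIN RSA PRIVATE KEY-----\nCCCC\n-----END RSA PRIVATE KEY-----\n";
    println!("{:?}", check_pkcs8_inputs(chain, key));
}
```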