Struct native_tls::Identity
source · pub struct Identity(/* private fields */);
Expand description
A cryptographic identity.
An identity is an X509 certificate along with its corresponding private key and chain of certificates to a trusted root.
Implementations§
source§impl Identity
impl Identity
sourcepub fn from_pkcs12(der: &[u8], password: &str) -> Result<Identity>
pub fn from_pkcs12(der: &[u8], password: &str) -> Result<Identity>
Parses a DER-formatted PKCS #12 archive, using the specified password to decrypt the key.
The archive should contain a leaf certificate and its private key, as well any intermediate certificates that should be sent to clients to allow them to build a chain to a trusted root. The chain certificates should be in order from the leaf certificate towards the root.
PKCS #12 archives typically have the file extension .p12
or .pfx
, and can be created
with the OpenSSL pkcs12
tool:
openssl pkcs12 -export -out identity.pfx -inkey key.pem -in cert.pem -certfile chain_certs.pem
sourcepub fn from_pkcs8(pem: &[u8], key: &[u8]) -> Result<Identity>
pub fn from_pkcs8(pem: &[u8], key: &[u8]) -> Result<Identity>
Parses a chain of PEM encoded X509 certificates, with the leaf certificate first.
key
is a PEM encoded PKCS #8 formatted private key for the leaf certificate.
The certificate chain should contain any intermediate cerficates that should be sent to clients to allow them to build a chain to a trusted root.
A certificate chain here means a series of PEM encoded certificates concatenated together.
Trait Implementations§
Auto Trait Implementations§
impl Freeze for Identity
impl RefUnwindSafe for Identity
impl Send for Identity
impl Sync for Identity
impl Unpin for Identity
impl UnwindSafe for Identity
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
source§default unsafe fn clone_to_uninit(&self, dst: *mut T)
default unsafe fn clone_to_uninit(&self, dst: *mut T)
clone_to_uninit
)