50 lines
1.5 KiB
Rust
50 lines
1.5 KiB
Rust
use std::sync::Arc;
|
|
use rustls::ClientHello;
|
|
use rustls::NoClientAuth;
|
|
use rustls::ServerConfig;
|
|
use rustls::ResolvesServerCert;
|
|
use rustls::sign;
|
|
use rustls::sign::CertifiedKey;
|
|
use rustls::internal::pemfile;
|
|
use actix_web::App;
|
|
use actix_web::HttpServer;
|
|
use actix_web::get;
|
|
use actix_web::Responder;
|
|
|
|
const CERT_CHAIN: &str = include_str!("cert_chain.pem");
|
|
const PRIVATE_KEY: &str = include_str!("private_key.pem");
|
|
|
|
struct ResolvesServerCertImpl;
|
|
impl ResolvesServerCert for ResolvesServerCertImpl {
|
|
fn resolve(&self, client_hello: ClientHello) -> Option<CertifiedKey> {
|
|
println!("Request server name: {:?}", client_hello.server_name());
|
|
|
|
let mut cert_chain_bytes = CERT_CHAIN.as_bytes();
|
|
let mut private_key_bytes = PRIVATE_KEY.as_bytes();
|
|
|
|
let cert_chain = pemfile::certs(&mut cert_chain_bytes).unwrap();
|
|
let mut keys = pemfile::pkcs8_private_keys(&mut private_key_bytes).unwrap();
|
|
let signing_key = sign::any_supported_type(&keys.remove(0)).unwrap();
|
|
|
|
Some(CertifiedKey::new(cert_chain, Arc::new(signing_key)))
|
|
}
|
|
}
|
|
|
|
#[get("/")]
|
|
async fn index() -> impl Responder {
|
|
format!("Hello world!")
|
|
}
|
|
|
|
#[actix_web::main]
|
|
async fn main() -> std::io::Result<()> {
|
|
let mut config = ServerConfig::new(NoClientAuth::new());
|
|
config.cert_resolver = Arc::new(ResolvesServerCertImpl);
|
|
|
|
let listen = "127.0.0.1:8443";
|
|
println!("Listen at: {}", listen);
|
|
HttpServer::new(|| App::new().service(index))
|
|
.bind_rustls(listen, config)?
|
|
.run()
|
|
.await
|
|
}
|