PKI tools for Rust

This project contains a Rust library for PKI-related tasks such as generating and validating certificate chains. It can be used to easily create certificate chains on the fly for testing purposes.

See tests/test_gen_chain.rs and examples/tls-server.rs for detailed examples.

Server example (native-tls)

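```rust,no_run,ignore
use native_tls::{Identity, TlsAcceptor};
use std::net::TcpListener;

// HOSTNAME and PORT are constants defined elsewhere in the example.
fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Create a server certificate chain for HOSTNAME and export it.
    let keystore = pki::util::create_easy_server_chain(HOSTNAME)?;
    let pkcs8 = keystore.to_pkcs8()?;

    // The same exported buffer is passed as both the certificate chain and the key.
    let identity = Identity::from_pkcs8(&pkcs8, &pkcs8)?;
    let acceptor = TlsAcceptor::builder(identity).build()?;
    let server = TcpListener::bind(format!("{}:{}", HOSTNAME, PORT))?;
    for stream in server.incoming() {
        // Complete the TLS handshake on each incoming connection.
        let mut stream = acceptor.accept(stream?)?;
    }
    Ok(())
}
```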

Client example (native-tls)

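```rust,no_run,ignore
use native_tls::{Certificate, TlsConnector};
use std::net::TcpStream;

fn client(key_store: &KeyStore) -> Result<(), Box<dyn std::error::Error>> {
    let client = TcpStream::connect(format!("{}:{}", HOSTNAME, PORT))?;
    // Add the last certificate in the key store's chain as a trusted root.
    let connector = TlsConnector::builder()
        .add_root_certificate(Certificate::from_der(
            &key_store.certs().last().unwrap().to_der()?,
        )?)
        .build()?;
    // The handshake checks the server certificate against HOSTNAME.
    let mut client = connector.connect(HOSTNAME, client)?;
    Ok(())
}
```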

License

Licensed under MIT or Apache license (LICENSE-MIT or LICENSE-APACHE)