from_pem implemented for Certificate, but TlsConnectorBuilder.identity still required Pkcs12 #77
Comments
|
There is not yet. Supporting identities through non-PKCS#8 archives is filed as #27. It's doable, but complex for SChannel, and I haven't had a chance to get it working. |
|
This is possible in nativetls 0.1, by explicitly using the OpenSSL backend: let mut ssl =
openssl::ssl::SslConnectorBuilder::new(openssl::ssl::SslMethod::tls()).unwrap();
// Server authentication
ssl.set_ca_file(ca_certificate.clone()).unwrap();
// Client authentication
ssl.set_private_key_file(client_key.clone(), openssl::x509::X509_FILETYPE_PEM)
.unwrap();
ssl.set_certificate_chain_file(client_certificate.clone())
.unwrap();
ssl.check_private_key().unwrap();
let builder: native_tls::TlsConnectorBuilder =
native_tls::backend::openssl::TlsConnectorBuilderExt::from_openssl(ssl); |
|
Is this resolved? |
|
Yep, https://docs.rs/native-tls/latest/native_tls/struct.Identity.html#method.from_pkcs8 should cover this. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What would be the preferred method for supporting an identity given by pem, as well? Is there already a way to do this, that I am overlooking?
The text was updated successfully, but these errors were encountered: