pub trait ResolvesClientCert: Send + Sync {
    fn resolve(
        &self,
        acceptable_issuers: &[&[u8]],
        sigschemes: &[SignatureScheme]
    ) -> Option<CertifiedKey>; fn has_certs(&self) -> bool; }
Expand description

A trait for the ability to choose a certificate chain and private key for the purposes of client authentication.

Required Methods

With the server-supplied acceptable issuers in acceptable_issuers, the server’s supported signature schemes in sigschemes, return a certificate chain and signing key to authenticate.

acceptable_issuers is undecoded and unverified by the rustls library, but it should be expected to contain a DER encodings of X501 NAMEs.

Return None to continue the handshake without any client authentication. The server may reject the handshake later if it requires authentication.

Return true if any certificates at all are available.

Implementors