Trait rustls::ResolvesClientCert
source · [−]pub trait ResolvesClientCert: Send + Sync {
fn resolve(
&self,
acceptable_issuers: &[&[u8]],
sigschemes: &[SignatureScheme]
) -> Option<CertifiedKey>;
fn has_certs(&self) -> bool;
}
Expand description
A trait for the ability to choose a certificate chain and private key for the purposes of client authentication.
Required Methods
sourcefn resolve(
&self,
acceptable_issuers: &[&[u8]],
sigschemes: &[SignatureScheme]
) -> Option<CertifiedKey>
fn resolve(
&self,
acceptable_issuers: &[&[u8]],
sigschemes: &[SignatureScheme]
) -> Option<CertifiedKey>
With the server-supplied acceptable issuers in acceptable_issuers
,
the server’s supported signature schemes in sigschemes
,
return a certificate chain and signing key to authenticate.
acceptable_issuers
is undecoded and unverified by the rustls
library, but it should be expected to contain a DER encodings
of X501 NAMEs.
Return None to continue the handshake without any client authentication. The server may reject the handshake later if it requires authentication.