Struct actix_connect::ssl::rustls::ClientConfig [−][src]
pub struct ClientConfig {
pub ciphersuites: Vec<&'static SupportedCipherSuite, Global>,
pub root_store: RootCertStore,
pub alpn_protocols: Vec<Vec<u8, Global>, Global>,
pub session_persistence: Arc<dyn StoresClientSessions + 'static>,
pub mtu: Option<usize>,
pub client_auth_cert_resolver: Arc<dyn ResolvesClientCert + 'static>,
pub enable_tickets: bool,
pub versions: Vec<ProtocolVersion, Global>,
pub ct_logs: Option<&'static [&'static Log<'static>]>,
pub enable_sni: bool,
pub key_log: Arc<dyn KeyLog + 'static>,
pub enable_early_data: bool,
// some fields omitted
}
Expand description
Common configuration for (typically) all connections made by a program.
Making one of these can be expensive, and should be once per process rather than once per connection.
Fields
ciphersuites: Vec<&'static SupportedCipherSuite, Global>
List of ciphersuites, in preference order.
root_store: RootCertStore
Collection of root certificates.
alpn_protocols: Vec<Vec<u8, Global>, Global>
Which ALPN protocols we include in our client hello. If empty, no ALPN extension is sent.
session_persistence: Arc<dyn StoresClientSessions + 'static>
How we store session data or tickets.
mtu: Option<usize>
Our MTU. If None, we don’t limit TLS message sizes.
client_auth_cert_resolver: Arc<dyn ResolvesClientCert + 'static>
How to decide what client auth certificate/keys to use.
enable_tickets: bool
Whether to support RFC5077 tickets. You must provide a working
session_persistence
member for this to have any meaningful
effect.
The default is true.
versions: Vec<ProtocolVersion, Global>
Supported versions, in no particular order. The default is all supported versions.
ct_logs: Option<&'static [&'static Log<'static>]>
Collection of certificate transparency logs. If this collection is empty, then certificate transparency checking is disabled.
enable_sni: bool
Whether to send the Server Name Indication (SNI) extension during the client handshake.
The default is true.
key_log: Arc<dyn KeyLog + 'static>
How to output key material for debugging. The default does nothing.
enable_early_data: bool
Whether to send data on the first flight (“early data”) in TLS 1.3 handshakes.
The default is false.
Implementations
Make a ClientConfig
with a default set of ciphersuites,
no root certificates, no ALPN protocols, and no client auth.
The default session persistence provider stores up to 32 items in memory.
Make a ClientConfig
with a custom set of ciphersuites,
no root certificates, no ALPN protocols, and no client auth.
The default session persistence provider stores up to 32 items in memory.
Set the ALPN protocol list to the given protocol names.
Overwrites any existing configured protocols.
The first element in the protocols
list is the most
preferred, the last is the least preferred.
Sets persistence layer to persist
.
Sets MTU to mtu
. If None, the default is used.
If Some(x) then x must be greater than 5 bytes.
pub fn set_single_client_cert(
&mut self,
cert_chain: Vec<Certificate, Global>,
key_der: PrivateKey
) -> Result<(), TLSError>
pub fn set_single_client_cert(
&mut self,
cert_chain: Vec<Certificate, Global>,
key_der: PrivateKey
) -> Result<(), TLSError>
Sets a single client authentication certificate and private key. This is blindly used for all servers that ask for client auth.
cert_chain
is a vector of DER-encoded certificates,
key_der
is a DER-encoded RSA or ECDSA private key.
Access configuration options whose use is dangerous and requires extra care.
Trait Implementations
Returns the “default value” for a type. Read more
Auto Trait Implementations
impl !RefUnwindSafe for ClientConfig
impl Send for ClientConfig
impl Sync for ClientConfig
impl Unpin for ClientConfig
impl !UnwindSafe for ClientConfig
Blanket Implementations
Mutably borrows from an owned value. Read more