Struct reqwest::tls::Identity

pub struct Identity { /* private fields */ }

Represents a private key and X509 cert as a client certificate.

Implementations

impl Identity

pub fn from_pkcs12_der(der: &[u8], password: &str) -> Result<Identity>

Parses a DER-formatted PKCS #12 archive, using the specified password to decrypt the key.

The archive should contain a leaf certificate and its private key, as well any intermediate certificates that allow clients to build a chain to a trusted root. The chain certificates should be in order from the leaf certificate towards the root.

PKCS #12 archives typically have the file extension .p12 or .pfx, and can be created with the OpenSSL pkcs12 tool:

openssl pkcs12 -export -out identity.pfx -inkey key.pem -in cert.pem -certfile chain_certs.pem

Examples

let mut buf = Vec::new();
File::open("my-ident.pfx")?
    .read_to_end(&mut buf)?;
let pkcs12 = reqwest::Identity::from_pkcs12_der(&buf, "my-privkey-password")?;

Optional

This requires the native-tls Cargo feature enabled.

pub fn from_pkcs8_pem(pem: &[u8], key: &[u8]) -> Result<Identity>

Parses a chain of PEM encoded X509 certificates, with the leaf certificate first. key is a PEM encoded PKCS #8 formatted private key for the leaf certificate.

The certificate chain should contain any intermediate cerficates that should be sent to clients to allow them to build a chain to a trusted root.

A certificate chain here means a series of PEM encoded certificates concatenated together.

Examples

let cert = fs::read("client.pem")?;
let key = fs::read("key.pem")?;
let pkcs8 = reqwest::Identity::from_pkcs8_pem(&cert, &key)?;

Optional

This requires the native-tls Cargo feature enabled.

Trait Implementations

impl Clone for Identity

fn clone(&self) -> Identity

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Identity

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.