Implement manual TLS certificate loading and ServerConfig construction

- Add tls::config module with manual TLS mode support
- Load PEM certificates and private keys via rustls_pemfile
- Build ServerConfig with aws_lc_rs crypto provider
- Restrict cipher suites per ADR-012 (4 TLS 1.2 ECDHE-AES-GCM + all TLS 1.3)
- Configure protocol versions to TLS 1.2 and 1.3 only
- Implement SniCertResolver for multi-domain manual mode
- Unknown SNI hostname fails handshake (no default cert)
- Add tempfile dev dependency for test file operations
- Add 11 unit tests covering config, cipher suites, and SNI resolution
2026-06-11 11:57:24 +00:00
parent 33a448505e
commit dd748b973d
4 changed files with 339 additions and 4 deletions

@@ -34,4 +34,5 @@ thiserror = "=2.0.18"
[dev-dependencies]
rcgen = "=0.13"
reqwest = { version = "=0.12", features = ["json"] }
reqwest = { version = "=0.12", features = ["json"] }
tempfile = "=3.20"
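
Review bot: the new `tempfile = "=3.20"` line pins only major.minor, so Cargo will still resolve any 3.20.x patch release, unlike the full `thiserror = "=2.0.18"` pin visible in the hunk header. If the `=` pins are meant to give reproducible builds, spell out the patch version here (and for the neighbouring `rcgen` and `reqwest` entries) or rely on a committed Cargo.lock. The `reqwest` line also appears twice with identical content, which looks like a whitespace or end-of-file newline change; worth confirming nothing else on that line was altered.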