Struct openssl::ssl::SslContextRef
[−]
[src]
pub struct SslContextRef<'a>(_, _);
A borrowed SSL context object.
Methods
impl<'a> SslContextRef<'a>
[src]
unsafe fn from_ptr(ctx: *mut SSL_CTX) -> SslContextRef<'a>
fn as_ptr(&self) -> *mut SSL_CTX
fn set_verify(&mut self, mode: SslVerifyMode)
Configures the certificate verification method for new connections.
fn set_verify_callback<F>(&mut self, mode: SslVerifyMode, verify: F) where F: Fn(bool, &X509StoreContext) -> bool + Any + 'static + Sync + Send
Configures the certificate verification method for new connections and registers a verification callback.
fn set_servername_callback<F>(&mut self, callback: F) where F: Fn(&mut SslRef) -> Result<(), SniError> + Any + 'static + Sync + Send
Configures the server name indication (SNI) callback for new connections
Obtain the server name with servername
then set the corresponding context
with set_ssl_context
fn set_verify_depth(&mut self, depth: u32)
Sets verification depth
fn set_read_ahead(&mut self, m: u32)
fn set_tmp_dh(&mut self, dh: &DH) -> Result<(), ErrorStack>
fn set_default_verify_paths(&mut self) -> Result<(), ErrorStack>
Use the default locations of trusted certificates for verification.
These locations are read from the SSL_CERT_FILE
and SSL_CERT_DIR
environment variables if present, or defaults specified at OpenSSL
build time otherwise.
fn set_CA_file<P: AsRef<Path>>(&mut self, file: P) -> Result<(), ErrorStack>
Specifies the file that contains trusted CA certificates.
fn set_session_id_context(&mut self, sid_ctx: &[u8]) -> Result<(), ErrorStack>
Set the context identifier for sessions
This value identifies the server's session cache to a clients, telling them when they're able to reuse sessions. Should be set to a unique value per server, unless multiple servers share a session cache.
This value should be set when using client certificates, or each request will fail handshake and need to be restarted.
fn set_certificate_file<P: AsRef<Path>>(&mut self, file: P, file_type: X509FileType) -> Result<(), ErrorStack>
Specifies the file that contains certificate
fn set_certificate_chain_file<P: AsRef<Path>>(&mut self, file: P, file_type: X509FileType) -> Result<(), ErrorStack>
Specifies the file that contains certificate chain
fn set_certificate(&mut self, cert: &X509Ref) -> Result<(), ErrorStack>
Specifies the certificate
fn add_extra_chain_cert(&mut self, cert: &X509Ref) -> Result<(), ErrorStack>
Adds a certificate to the certificate chain presented together with the certificate specified using set_certificate()
fn set_private_key_file<P: AsRef<Path>>(&mut self, file: P, file_type: X509FileType) -> Result<(), ErrorStack>
Specifies the file that contains private key
fn set_private_key(&mut self, key: &PKey) -> Result<(), ErrorStack>
Specifies the private key
fn check_private_key(&mut self) -> Result<(), ErrorStack>
Check consistency of private key and certificate
fn set_cipher_list(&mut self, cipher_list: &str) -> Result<(), ErrorStack>
fn set_ecdh_auto(&mut self, onoff: bool) -> Result<(), ErrorStack>
If onoff
is set to true
, enable ECDHE for key exchange with compatible
clients, and automatically select an appropriate elliptic curve.
This method requires OpenSSL >= 1.0.2 or LibreSSL and the ecdh_auto
feature.
fn set_options(&mut self, option: SslContextOptions) -> SslContextOptions
fn options(&self) -> SslContextOptions
fn clear_options(&mut self, option: SslContextOptions) -> SslContextOptions
fn set_npn_protocols(&mut self, protocols: &[&[u8]])
Set the protocols to be used during Next Protocol Negotiation (the protocols supported by the application).
This method needs the npn
feature.
fn set_alpn_protocols(&mut self, protocols: &[&[u8]])
Set the protocols to be used during ALPN (application layer protocol negotiation). If this is a server, these are the protocols we report to the client. If this is a client, these are the protocols we try to match with those reported by the server.
Note that ordering of the protocols controls the priority with which they are chosen.
This method needs the alpn
feature.