Closed lovasoa closed 8 months ago
This makes it impossible to use actix-web with rustls_acme
Rustls v0.22 support will be released this week.
I'd also say that we have an official example for ACME using https://crates.io/crates/acme-rfc8555 which is Rustls version independent so you could use this in the mean time. (rustls_acme also seems quite heavy in terms of dependencies so it wouldn't be my first choice.)
Alternatively you can downgrade to a version of rustls_acme that runs on Rustls v0.21.
Great, happy to learn about the new version!
What rustls-acme does is more powerful than what your example illustrates. Your example requires exposing both an http AND an https server, whereas the entire process can run without even requiring access to port 80.
The example provided is sub-optimal from that standpoint but is more useful for teaching purposes for that repo.
It sounds like you're after TLS-ALPN-01 verification: https://github.com/x52dev/acme-rfc8555/blob/main/examples/tls-alpn-01.rs
Yes, this is what is implemented in rustls_acme
actix-web has two feature flags:
rustls-0_20
andrustls-0_21
. However, the latest version of rustls is 0.22. When trying to compile an application that depends on the latest rustls, the compilation fails.