search

programatik29 / axum-server

High level server designed to be used with axum framework.
MIT License
166 stars 54 forks source link

Feature Request: support PEM files that contain both certificate and key #87

Closed garlic-hub closed 7 months ago

garlic-hub commented 9 months ago

We are using a PEM file that contains both the CERTIFICATE and PRIVATE KEY in one file. The file looks like this

-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----

-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

And I load it though the from_pem_file similar to this

let path = "/path/to/combo.pem";
let tls_config = RustlsConfig::from_pem_file(path, path);

This breaks however if the combo PEM file places the certificates above the key with a private key format not supported error. I believe the problem stems from here which assumes the key will always be the first section. I understand this is because you expect two separate files to be passed in and I'm cheating a bit by passing in the same file for both.

Our systems don't easily allow us to edit the PEM files and I would like to avoid reading in the file and manually splitting it into separate byte arrays to pass to the from_pem method.

Please consider supporting this functionality. Maybe with a from_pem_combo_file or iterating over the whole file for a key rather than just the first section.

Thank you

programatik29 commented 9 months ago

Looks like a good feature to add. Currently you can do this by passing custom ServerConfig if that is blocking you.