
Commit 21b98f7

committed
update
1 parent 674b24f commit 21b98f7


3 files changed

+17
-10
lines changed


Cargo.lock

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

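--- a/Cargo.toml
+++ b/Cargo.toml
@@ -53,5 +53,6 @@ clap = { version = "4.5.35", features = ["derive"] }
 ctor = "0.4.1"
 rcgen = { version = "0.14.3", features = ["x509-parser", "pem"] }
 reqwest = { version = "0.12.15", features = ["native-tls-alpn"] }
+rustls-pki-types = "1.12.0"
 tracing-subscriber = { version = "0.3.18", features = ["env-filter"] }
 winnow = "0.7.4"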

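--- a/examples/https.rs
+++ b/examples/https.rs
@@ -3,6 +3,7 @@ use std::{path::PathBuf, sync::Arc};
 use clap::{Args, Parser};
 use http_mitm_proxy::{DefaultClient, MitmProxy, hyper::service::service_fn, moka::sync::Cache};
 use hyper_util::rt::{TokioExecutor, TokioIo};
+use rustls_pki_types::pem::PemObject;
 use tokio::net::TcpListener;
 use tokio_rustls::{
 TlsAcceptor,
@@ -27,7 +28,7 @@ struct ExternalIssuer {
 private_key: PathBuf,
 }
 
-fn make_root_issuer() -> rcgen::Issuer<'static, rcgen::KeyPair> {
+fn make_root_issuer() -> (rcgen::Issuer<'static, rcgen::KeyPair>, Vec<u8>) {
 let mut params = rcgen::CertificateParams::default();
 
 params.distinguished_name = rcgen::DistinguishedName::new();
@@ -59,7 +60,7 @@ fn make_root_issuer() -> rcgen::Issuer<'static, rcgen::KeyPair> {
 println!("Private key");
 println!("{}", signing_key.serialize_pem());
 
-rcgen::Issuer::new(params, signing_key)
+(rcgen::Issuer::new(params, signing_key), cert.der().to_vec())
 }
 
 #[tokio::main]
@@ -71,18 +72,24 @@ async fn main() {
 .with_line_number(true)
 .init();
 
-let root_issuer = if let Some(external_issuer) = opt.external_issuer {
+let (root_issuer, cert_der) = if let Some(external_issuer) = opt.external_issuer {
 // Use existing key
 let signing_key = rcgen::KeyPair::from_pem(
 &std::fs::read_to_string(&external_issuer.private_key).unwrap(),
 )
 .unwrap();
 
-rcgen::Issuer::from_ca_cert_pem(
-&std::fs::read_to_string(&external_issuer.cert).unwrap(),
-signing_key,
+let cert_pem = std::fs::read_to_string(&external_issuer.cert).unwrap();
+let cert = rustls_pki_types::CertificateDer::from_pem_slice(cert_pem.as_bytes()).unwrap();
+
+(
+rcgen::Issuer::from_ca_cert_pem(
+&std::fs::read_to_string(&external_issuer.cert).unwrap(),
+signing_key,
+)
+.unwrap(),
+cert.to_vec(),
 )
-.unwrap()
 } else {
 make_root_issuer()
 };
@@ -91,9 +98,7 @@ async fn main() {
 let mut server_config = ServerConfig::builder()
 .with_no_client_auth()
 .with_single_cert(
-vec![CertificateDer::from(
-root_issuer.key().public_key_raw().to_vec(),
-)],
+vec![CertificateDer::from(cert_der)],
 rustls::pki_types::PrivateKeyDer::Pkcs8(PrivatePkcs8KeyDer::from(
 root_issuer.key().serialize_der(),
 )),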
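Review bot: In the external-issuer branch of `main`, the certificate file is read twice: once into `cert_pem` for `CertificateDer::from_pem_slice`, and again inside the `rcgen::Issuer::from_ca_cert_pem(...)` call. If the file changes between the two reads, the certificate handed to `with_single_cert` and the issuer used for signing come from different contents. Reusing the buffer closes that gap and drops the extra I/O: `rcgen::Issuer::from_ca_cert_pem(&cert_pem, signing_key)`. `from_pem_slice` decodes only the first certificate section, so a short comment that any further certificates in a bundle file are ignored would help the next reader. `main` starts and ends outside the visible hunks.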
