1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
|
//! Run with `cargo run --all-features --example rustls_reload` command.
//!
//! To connect through browser, navigate to "https://localhost:3000" url.
//!
//! Certificate common name will be "localhost".
//!
//! After 20 seconds, certificate common name will be "reloaded".
use axum::{routing::get, Router};
use axum_server::tls_rustls::RustlsConfig;
use std::{net::SocketAddr, time::Duration};
use tokio::time::sleep;
#[tokio::main]
async fn main() {
let app = Router::new().route("/", get(|| async { "Hello, world!" }));
let config = RustlsConfig::from_pem_file(
"examples/self-signed-certs/cert.pem",
"examples/self-signed-certs/key.pem",
)
.await
.unwrap();
// Spawn a task to reload tls.
tokio::spawn(reload(config.clone()));
let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
println!("listening on {}", addr);
axum_server::bind_rustls(addr, config)
.serve(app.into_make_service())
.await
.unwrap();
}
async fn reload(config: RustlsConfig) {
// Wait for 20 seconds.
sleep(Duration::from_secs(20)).await;
println!("reloading rustls configuration");
// Reload rustls configuration from new files.
config
.reload_from_pem_file(
"examples/self-signed-certs/reload/cert.pem",
"examples/self-signed-certs/reload/key.pem",
)
.await
.unwrap();
println!("rustls configuration reloaded");
}
|
