FsAxSsl Web Server
Introduction
Welcome to the documentation for the FsAxSsl Web Server! FsAxSsl is a fast and secure web server built using the Actix-Web framework, RustLS for SSL/TLS support, and ACME (Let's Encrypt) for automatic certificate management.
This documentation will guide you through the setup and usage of the FsAxSsl Web Server, enabling you to create secure and reliable web applications.
Table of Contents
Installation
Configuration
Starting the Server
Renewing Certificates
Example Application
1. Installation
To use the FsAxSsl Web Server, you need to have Rust installed on your system. If you haven't installed Rust yet, please visit the Rust website and follow the instructions for your operating system.
Once Rust is installed, you can create a new Rust project and add the following dependencies to your Cargo.toml file:
toml
Copy code
[dependencies]
actix-web = "3.3"
acme-client = "0.9"
rustls = "0.20"
After updating the Cargo.toml file, run the following command to fetch and compile the dependencies:
shell
Copy code
$ cargo build
2. Configuration
The FsAxSsl Web Server requires a valid SSL/TLS certificate and private key for secure communication. The server uses ACME (Let's Encrypt) to automatically obtain and manage certificates. Make sure you have a valid domain name and an email address associated with it.
Open the main.rs file in your project and locate the main function. In this function, you will find the following lines of code:
rust
Copy code
let cert_path = "path/to/certificate.pem";
let key_path = "path/to/private_key.pem";
Replace "path/to/certificate.pem" and "path/to/private_key.pem" with the actual paths to your SSL/TLS certificate and private key files.
3. Starting the Server
To start the FsAxSsl Web Server, use the following command:
shell
Copy code
$ cargo run
The server will start listening on https://127.0.0.1:8443 by default. You can modify the IP address and port in the bind_rustls function call inside the main function.
4. Renewing Certificates
The FsAxSsl Web Server automatically renews SSL/TLS certificates every 89 days. The renewal process is handled in a separate thread to ensure uninterrupted service.
When it's time to renew the certificate, the server will make a request to ACME (Let's Encrypt) using the email address provided. ACME will verify domain ownership and issue a new certificate if necessary. The new certificate will be automatically updated and used by the server without any manual intervention.
5. Example Application
By default, the FsAxSsl Web Server serves a simple "Hello, world!" message at the root URL ("/"). To create your own application, you can modify the index function inside the main.rs file.
rust
Copy code
async fn index() -> HttpResponse {
HttpResponse::Ok().body("Hello, world!")
}
Replace the body of the index function with your own logic to handle HTTP requests.
Conclusion
Congratulations! You have successfully set up and configured the FsAxSsl Web Server. Enjoy building secure and high-performance web applications with ease. If you have any questions
Code
use actix_web::{web, App, HttpServer, HttpResponse};
use acme_client::Directory;
use rustls::internal::pemfile::{certs, pkcs8_private_keys};
use rustls::{NoClientAuth, ServerConfig};
use std::fs::File;
use std::io::BufReader;
use std::sync::{Arc, Mutex};
use std::{fs, thread};
use std::time::Duration;
struct SslManager {
cert_path: String,
key_path: String,
}
impl SslManager {
fn new(cert_path: &str, key_path: &str) -> Self {
SslManager {
cert_path: cert_path.to_owned(),
key_path: key_path.to_owned(),
}
}
fn handle_certificate(&self) -> Result, rustls::PrivateKey), Box
if let (Ok(mut cert_file), Ok(mut key_file)) = (File::open(&self.cert_path), File::open(&self.key_path)) {
let cert_chain = certs(&mut BufReader::new(cert_file))?;
let mut keys = pkcs8_private_keys(&mut BufReader::new(key_file))?;
if keys.len() == 1 {
return Ok((cert_chain, keys.remove(0)));
}
}
let directory = Directory::lets_encrypt()?;
let account = directory.account("mailto:[email protected]")?;
let order = account.new_order("your-domain.com", &[])?;
let (cert_pem, pkey_pem) = order.certificate_pem()?;
fs::write(&self.cert_path, &cert_pem)?;
fs::write(&self.key_path, &pkey_pem)?;
Ok((certs(&mut cert_pem.as_bytes())?, pkcs8_private_keys(&mut pkey_pem.as_bytes())?.remove(0)))
}
fn start_renewal_loop(self, config: Arc
Introduction
Welcome to the documentation for the FsAxSsl Web Server! FsAxSsl is a fast and secure web server built using the Actix-Web framework, RustLS for SSL/TLS support, and ACME (Let's Encrypt) for automatic certificate management.
This documentation will guide you through the setup and usage of the FsAxSsl Web Server, enabling you to create secure and reliable web applications.
Table of Contents
Installation
Configuration
Starting the Server
Renewing Certificates
Example Application
1. Installation
To use the FsAxSsl Web Server, you need to have Rust installed on your system. If you haven't installed Rust yet, please visit the Rust website and follow the instructions for your operating system.
Once Rust is installed, you can create a new Rust project and add the following dependencies to your Cargo.toml file:
toml
Copy code
[dependencies]
actix-web = "3.3"
acme-client = "0.9"
rustls = "0.20"
After updating the Cargo.toml file, run the following command to fetch and compile the dependencies:
shell
Copy code
$ cargo build
2. Configuration
The FsAxSsl Web Server requires a valid SSL/TLS certificate and private key for secure communication. The server uses ACME (Let's Encrypt) to automatically obtain and manage certificates. Make sure you have a valid domain name and an email address associated with it.
Open the main.rs file in your project and locate the main function. In this function, you will find the following lines of code:
rust
Copy code
let cert_path = "path/to/certificate.pem";
let key_path = "path/to/private_key.pem";
Replace "path/to/certificate.pem" and "path/to/private_key.pem" with the actual paths to your SSL/TLS certificate and private key files.
3. Starting the Server
To start the FsAxSsl Web Server, use the following command:
shell
Copy code
$ cargo run
The server will start listening on https://127.0.0.1:8443 by default. You can modify the IP address and port in the bind_rustls function call inside the main function.
4. Renewing Certificates
The FsAxSsl Web Server automatically renews SSL/TLS certificates every 89 days. The renewal process is handled in a separate thread to ensure uninterrupted service.
When it's time to renew the certificate, the server will make a request to ACME (Let's Encrypt) using the email address provided. ACME will verify domain ownership and issue a new certificate if necessary. The new certificate will be automatically updated and used by the server without any manual intervention.
5. Example Application
By default, the FsAxSsl Web Server serves a simple "Hello, world!" message at the root URL ("/"). To create your own application, you can modify the index function inside the main.rs file.
rust
Copy code
async fn index() -> HttpResponse {
HttpResponse::Ok().body("Hello, world!")
}
Replace the body of the index function with your own logic to handle HTTP requests.
Conclusion
Congratulations! You have successfully set up and configured the FsAxSsl Web Server. Enjoy building secure and high-performance web applications with ease. If you have any questions
Code
use actix_web::{web, App, HttpServer, HttpResponse};
use acme_client::Directory;
use rustls::internal::pemfile::{certs, pkcs8_private_keys};
use rustls::{NoClientAuth, ServerConfig};
use std::fs::File;
use std::io::BufReader;
use std::sync::{Arc, Mutex};
use std::{fs, thread};
use std::time::Duration;
struct SslManager {
cert_path: String,
key_path: String,
}
impl SslManager {
fn new(cert_path: &str, key_path: &str) -> Self {
SslManager {
cert_path: cert_path.to_owned(),
key_path: key_path.to_owned(),
}
}
fn handle_certificate(&self) -> Result, rustls::PrivateKey), Box
if let (Ok(mut cert_file), Ok(mut key_file)) = (File::open(&self.cert_path), File::open(&self.key_path)) {
let cert_chain = certs(&mut BufReader::new(cert_file))?;
let mut keys = pkcs8_private_keys(&mut BufReader::new(key_file))?;
if keys.len() == 1 {
return Ok((cert_chain, keys.remove(0)));
}
}
let directory = Directory::lets_encrypt()?;
let account = directory.account("mailto:[email protected]")?;
let order = account.new_order("your-domain.com", &[])?;
let (cert_pem, pkey_pem) = order.certificate_pem()?;
fs::write(&self.cert_path, &cert_pem)?;
fs::write(&self.key_path, &pkey_pem)?;
Ok((certs(&mut cert_pem.as_bytes())?, pkcs8_private_keys(&mut pkey_pem.as_bytes())?.remove(0)))
}
fn start_renewal_loop(self, config: Arc
thread::spawn(move || {
loop {
thread::sleep(Duration::from_secs(89 * 24 * 60 * 60));
if let Ok((new_cert_chain, new_key)) = self.handle_certificate() {
let mut new_config = ServerConfig::new(NoClientAuth::new());
new_config.set_single_cert(new_cert_chain, new_key).unwrap();
let mut config = config.lock().unwrap();
*config = new_config;
}
}
});
}
}
async fn index() -> HttpResponse {
HttpResponse::Ok().body("Hello, world!")
}
#[actix_web::main]
async fn main() -> std::io::Result {
let cert_path = "path/to/certificate.pem";
let key_path = "path/to/private_key.pem";
let ssl_manager = SslManager::new(cert_path, key_path);
let (cert_chain, key) = ssl_manager.handle_certificate().unwrap();
let mut config = ServerConfig::new(NoClientAuth::new());
config.set_single_cert(cert_chain, key).unwrap();
let config = Arc::new(Mutex::new(config));
ssl_manager.start_renewal_loop(Arc::clone(&config));
HttpServer::new(|| {
App::new()
.route("/", web::get().to(index))
})
.bind_rustls("127.0.0.1:8443", Arc::clone(&config))?
.run()
.await
FsAxSsl Min Config Fast Plug and Play Webserver in Rust by Luminosity-e
[Error: Irreparable invalid markup ('') in entry. Owner must fix manually. Raw contents below.]
FsAxSsl Web Server> {>) {
