This video shows how you can use TLS, Rust, and CFSSL to:
- create self signed certificate and certificate authority, and keys
- create server certificate issued by self signed CA, and keys
- upgrade insecure TcpStream to TLSStream
- write server that uses TLSAcceptor
- write client that uses TLSConnector
Repo:
[ Ссылка ]
Join our discord server if you have questions:
[ Ссылка ]
Chapters:
00:00:00 Intro
00:01:52 Introduce rust-scratch/tls
00:02:35 TLS (Transport Layer Security) primer
00:03:28 Self signed certificates and certificate authority
00:05:28 Where does this (CA cert) go and that (server cert & private key) go
00:06:05 Asymmetric vs Symmetric encryption and TLS handshake
00:12:05 Rust and TLS: rustls vs native-tls
00:14:32 CFSSL tools to create certificates and keys
00:16:00 Create a new crate for live coding
00:21:00 CFSSL config files
00:30:00 CFSSL create ca.pem, server.pem, server-key.pem
00:43:00 Write Rust code
00:43:00 Load ca.pem, server.pem, server-key.pem files in to Rust
00:52:00 DER and PEM certificate encoding formats
00:56:00 rustls_pemfile to transform certs to Rust (server.pem, ca.pem)
01:18:00 rustls to transform key file to Rust (server-key.pem)
01:25:00 Mental model for securing TcpStream, into TLSAcceptor and TLSConnector
01:31:00 Create TLSConnector (client)
01:40:00 Create TLSAcceptor (server)
01:46:00 Host, port, and server name
01:48:00 Write client code, use TLSConnector
01:58:00 Write server code, use TLSAcceptor
02:02:00 Write common function for read and write bytes
02:09:00 See the client and server in action
02:10:26 Outro
