Rocket icon indicating copy to clipboard operation
Rocket copied to clipboard

Published 20 hours ago verified publisher icon rwf2

[WIP] Hot Reload Certificates with RwLock

Open GentBinaku opened this issue 1 year ago • 5 comments

GentBinaku avatar Jul 11 '23 22:07 GentBinaku

Hi @SergioBenitez,

It works partially but I have this error which I don't know how to fix.

🔧 Configured for debug.
   >> address: 127.0.0.1
   >> port: 8000
   >> workers: 16
   >> max blocking threads: 512
   >> ident: Rocket
   >> IP header: X-Real-IP
   >> limits: bytes = 8KiB, data-form = 2MiB, file = 1MiB, form = 32KiB, json = 1MiB, msgpack = 1MiB, string = 8KiB
   >> temp dir: /tmp
   >> http/2: true
   >> keep-alive: 5s
   >> tls: enabled w/mtls
   >> shutdown: ctrlc = true, force = true, signals = [SIGTERM], grace = 2s, mercy = 3s
   >> log level: normal
   >> cli colors: true
   >> secret key: [generated]
Warning: secrets enabled without a stable `secret_key`
   >> disable `secrets` feature or configure a `secret_key`
   >> this becomes an error in non-debug profiles
📬 Routes:
   >> (hello) GET / [2]
   >> (mutual) GET /
📡 Fairings:
   >> Shield (liftoff, response, singleton)
   >> HTTP -> HTTPS Redirector (liftoff)
Updating TLS config
🛡️ Shield:
   >> X-Content-Type-Options: nosniff
   >> Permissions-Policy: interest-cohort=()
   >> X-Frame-Options: SAMEORIGIN
🚀 Rocket has launched from https://127.0.0.1:8000
🚀 Rocket has launched from http://127.0.0.1:3000
Warning: tls handshake with 127.0.0.1:36860 failed: received fatal alert: CertificateUnknown
Warning: tls handshake with 127.0.0.1:36870 failed: received fatal alert: CertificateUnknown
   >> Request guard `Certificate < '_ >` is forwarding.
thread 'rocket-worker-thread' panicked at 'called `Result::unwrap()` on an `Err` value: Custom { kind: Other, error: "bad TLS private key: failed to find key header; supported formats are: RSA, PKCS8, SEC1" }', /home/gentb/Rocket/core/http/src/tls/listener.rs:152:22
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace
   >> Request guard `Certificate < '_ >` is forwarding.
   >> Request guard `Certificate < '_ >` is forwarding.
   >> Request guard `Certificate < '_ >` is forwarding.
   >> Request guard `Certificate < '_ >` is forwarding.
   >> Request guard `Certificate < '_ >` is forwarding.
   >> Request guard `Certificate < '_ >` is forwarding.

GentBinaku avatar Jul 11 '23 22:07 GentBinaku

Hi @SergioBenitez I have updated the branch maybe take a look?

GentBinaku avatar Aug 06 '23 13:08 GentBinaku

👋 has there been any movement on this?

cobalthex avatar Nov 21 '23 09:11 cobalthex

@cobalthex I can start working more on it if the need be.

GentBinaku avatar Nov 24 '23 11:11 GentBinaku

that would be appreciated, thanks

cobalthex avatar Nov 29 '23 04:11 cobalthex