Custom certificate validator trait for TLS handshake verification. Implementations can perform additional validation on the peer certificate during the TLS handshake, before any application data is sent.
| 30 | /// Implementations can perform additional validation on the peer certificate |
| 31 | /// during the TLS handshake, before any application data is sent. |
| 32 | pub trait CertValidator: Debug + Send + Sync + 'static { |
| 33 | /// Validate the peer certificate. |
| 34 | /// |
| 35 | /// Called after standard X.509 chain verification succeeds. |
| 36 | /// Return `Ok(())` to accept the certificate, or `Err` to reject. |
| 37 | fn validate(&self, cert_der: &[u8]) -> Result<(), String>; |
| 38 | } |
| 39 | |
| 40 | /// TLS configuration for mTLS with optional custom certificate validation |
| 41 | #[derive(Clone)] |
nothing calls this directly
no outgoing calls
no test coverage detected