First, you have to generate the self-signed certificate for the server and the certificate authority (CA) certificate.
Run the following command to generate the certificates from the root folder of the project (where the Cargo.toml file resides):
cargo run --bin gen-certs
This will generate the following files in the certs/generated folder:
- Certificate Authority (CA) files:
  - ca.csr - Certificate Signing Request (CSR) for the CA
  - ca-key.pem - Private key for the CA
  - ca.pem - Certificate for the CA. THIS GOES IN THE CLIENT BINARY
- Server files:
  - server.csr - Certificate Signing Request (CSR) for the server
  - server-key.pem - Private key for the server. THIS GOES IN THE SERVER BINARY
  - server.pem - Certificate for the server. THIS GOES IN THE SERVER BINARY
Now, you can run the server and client binaries using the following commands.
- These binaries actually pull in the certificates generated in the previous step from the certs/generated folder. They are currently not baked into the binaries.
- They could be baked in if the 3 certificate files above are copied into the src folder and the include_bytes! macro is used to include them in the binaries.
cargo run --bin server
cargo run --bin client
You should see the program in action. It will simply display "one", "two", "three" on both the server and client side. These messages are encrypted between the client and server processes using TLS.
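A check that could run on the files before baking them in with include_bytes!, as mentioned above: it confirms that bytes destined for the client hold only CERTIFICATE blocks (so ca-key.pem is never embedded by mistake) and that the server key file holds exactly one private key. This is an added example, not code from the project; the function names, the accepted key labels and the sample PEM data are assumptions constructed for illustration.

```rust
// Added example, not project code. A real build would use, for example,
//   static CA_PEM: &[u8] = include_bytes!("ca.pem"); // file copied into src/
// Constructed sample input (not real certificate or key material):
pub const SAMPLE_CERT: &[u8] =
    b"-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n";
pub const SAMPLE_KEY: &[u8] =
    b"-----BEGIN PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END PRIVATE KEY-----\n";

/// Extract the label from a "-----BEGIN <label>-----" or "-----END <label>-----" line.
fn marker<'a>(line: &'a str, kind: &str) -> Option<&'a str> {
    let rest = line.strip_prefix("-----")?.strip_prefix(kind)?.strip_prefix(' ')?;
    rest.strip_suffix("-----")
}

/// Labels of every well-formed PEM block; malformed framing is an error.
pub fn pem_labels(data: &[u8]) -> Result<Vec<String>, String> {
    let text = std::str::from_utf8(data).map_err(|_| "not UTF-8".to_string())?;
    let (mut labels, mut open) = (Vec::new(), None::<String>);
    for line in text.lines().map(str::trim) {
        if let Some(l) = marker(line, "BEGIN") {
            if open.is_some() { return Err(format!("BEGIN {} inside another block", l)); }
            open = Some(l.to_string());
        } else if let Some(l) = marker(line, "END") {
            match open.take() {
                Some(o) if o == l => labels.push(o),
                _ => return Err(format!("unmatched END {}", l)),
            }
        }
    }
    match open { Some(o) => Err(format!("unterminated {}", o)), None => Ok(labels) }
}

/// For ca.pem (client) and server.pem: certificates only, never a private key.
pub fn check_cert_only(data: &[u8]) -> Result<(), String> {
    let labels = pem_labels(data)?;
    if labels.is_empty() { return Err("no PEM blocks found".into()); }
    match labels.iter().find(|l| l.as_str() != "CERTIFICATE") {
        Some(bad) => Err(format!("unexpected {} block", bad)),
        None => Ok(()),
    }
}
/// For server-key.pem: exactly one block whose label ends in PRIVATE KEY.
pub fn check_key_only(data: &[u8]) -> Result<(), String> {
    let labels = pem_labels(data)?;
    if labels.len() == 1 && labels[0].ends_with("PRIVATE KEY") { return Ok(()); }
    Err(format!("expected one private key block, found {:?}", labels))
}
fn main() {
    println!("{:?} {:?}", check_cert_only(SAMPLE_CERT), check_cert_only(SAMPLE_KEY));
}
```

Calling check_cert_only on the client's embedded bytes at startup or in a unit test turns an accidental copy of ca-key.pem into a hard failure.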