axum htts配置及ip证书申请

简介

使用netlify静态页面托管如果想进行动态交互则需要提供一个后端https服务器,并且需要认证证书,如果单纯提供服务则没必要注册域名,并且国内的ip域注册比较麻烦。这里介绍的是ip证书的申请，只需要外网ip即可，有效期为3个月到时正重新生成即可

ip证书申请

申请网站

https://app.zerossl.com/ ip证书有效期为3个月

输入域名下一步 创建证书 输入ip下一步 选90天证书也就是三个月 下一步 免费 下一步 验证阶段,选择文件验证方式,在这里要在服务器开一个80端口的http服务如下图 确保浏览器可以访问即可 然后在认证ip 下载证书文件

axum https服务端

主意key.pem就是下载证书的private.key的 内容，cert.pem为下载证书中的certificate.crt内容,别外还需要开启允许跨域设置,别外前端也设置允许跨域这里不在介绍

main.rs

pub mod errors;
pub mod utils;

use std::{net::SocketAddr, path::PathBuf, time::Duration};

use axum::{
   http::header::{AUTHORIZATION, CONTENT_TYPE, UPGRADE_INSECURE_REQUESTS},
   response::IntoResponse,
   routing::{get, post},
   Json, Router,
};

use axum_server::tls_rustls::RustlsConfig;
use headers::{HeaderName, HeaderValue};
use serde::{Deserialize, Serialize};
use tower_http::cors::{Any, CorsLayer};
use utils::result_msg::ResultMsg;

#[tokio::main]
async fn main() {
 
   let app = Router::new()
       .route("/getUser", get(get_user_handler))
       .route("/addUser", post(add_user_handler))
       //跨域设置
       .layer(
           CorsLayer::new()
               // .allow_credentials(true)
               .allow_headers([
                   AUTHORIZATION,
                   CONTENT_TYPE,
                   UPGRADE_INSECURE_REQUESTS,
                   HeaderName::from_static("x-materialize-version"),
               ])
               .allow_methods(Any)
               .allow_origin(Any)
               //.expose_headers(any())
               .max_age(Duration::from_secs(60) * 60),
       );





   let config = RustlsConfig::from_pem_file(
       PathBuf::from(".")
           .join("certs")
           .join("cert.pem"),
       PathBuf::from(".").join("certs").join("key.pem"),
   )
   .await
   .unwrap();

   #[cfg(debug_assertions)]
   let addr = SocketAddr::from(([127, 0, 0, 1], 443));
   #[cfg(not(debug_assertions))]
   let addr = SocketAddr::from(([0, 0, 0, 0], 443));

   println!("listening on {}", addr);
   axum_server::bind_rustls(addr, config)
       .serve(app.into_make_service())
       .await
       .unwrap();
}
#[derive(Deserialize, Serialize, Debug)]
#[serde(rename_all = "camelCase")]
pub struct UserEntity {
   pub id: Option<i64>,
   pub user_name: Option<String>,
   pub email: Option<String>,
}

#[derive(Deserialize, Serialize, Debug)]
#[serde(rename_all = "camelCase")]
pub struct UserInfo {
   pub user_name: Option<String>,
   pub email: Option<String>,
}

async fn add_user_handler(Json(param): Json<UserInfo>) -> impl IntoResponse {
   println!("{:#?}", param);
   ResultMsg::new().msg("成功!").data(param)
}
async fn get_user_handler() -> impl IntoResponse {
   // ResultMsg::<()>::new().error().msg("111".to_string())
   let user = UserEntity {
       id: Some(1),
       user_name: Some("littley".to_string()),
       email: None,
   };
   ResultMsg::new().msg("成功!").data(user)
}

cargo.toml

[package]
name = "axum-https-test"
version = "0.1.0"
edition = "2021"

# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html

[dependencies]
anyhow = "1.0.69"
axum =  {version= "0.6.10"}
axum-server =  { version = "0.4.6" , features = ["tls-rustls"] } 
headers = "0.3.8"
mime_guess = "2.0.4"
serde =  { version = "1.0.155", features = ["derive"] }
serde_json = "1.0.94"
thiserror = "1.0.39"
tokio = { version = "1.26.0", features = ["full"] }
tower-http = { version = "0.4.0", features = ["full"] }