#[non_exhaustive]pub enum CertificateError {
Show 13 variants
BadEncoding,
Expired,
NotValidYet,
Revoked,
UnhandledCriticalExtension,
UnknownIssuer,
UnknownRevocationStatus,
ExpiredRevocationList,
BadSignature,
NotValidForName,
InvalidPurpose,
ApplicationVerificationFailure,
Other(OtherError),
}
Expand description
The ways in which certificate validators can express errors.
Note that the rustls TLS protocol code interprets specifically these error codes to send specific TLS alerts. Therefore, if a custom certificate validator uses incorrect errors the library as a whole will send alerts that do not match the standard (this is usually a minor issue, but could be misleading).
Variants (Non-exhaustive)§
This enum is marked as non-exhaustive
BadEncoding
The certificate is not correctly encoded.
Expired
The current time is after the notAfter
time in the certificate.
NotValidYet
The current time is before the notBefore
time in the certificate.
Revoked
The certificate has been revoked.
UnhandledCriticalExtension
The certificate contains an extension marked critical, but it was not processed by the certificate validator.
UnknownIssuer
The certificate chain is not issued by a known root certificate.
UnknownRevocationStatus
The certificate’s revocation status could not be determined.
ExpiredRevocationList
The certificate’s revocation status could not be determined, because the CRL is expired.
BadSignature
A certificate is not correctly signed by the key of its alleged issuer.
NotValidForName
The subject names in an end-entity certificate do not include the expected name.
InvalidPurpose
The certificate is being used for a different purpose than allowed.
ApplicationVerificationFailure
The certificate is valid, but the handshake is rejected for other reasons.
Other(OtherError)
Any other error.
This can be used by custom verifiers to expose the underlying error (where they are not better described by the more specific errors above).
It is also used by the default verifier in case its error is not covered by the above common cases.
Enums holding this variant will never compare equal to each other.
Trait Implementations§
Source§impl Clone for CertificateError
impl Clone for CertificateError
Source§fn clone(&self) -> CertificateError
fn clone(&self) -> CertificateError
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read more