Expand description
HTTP routing for the Kipuka EST server.
Builds the main axum [Router] with three route groups:
- EST endpoints under
/.well-known/est/(RFC 5785 + RFC 7030) - Per-label EST endpoints under
/.well-known/est/{label}/(RFC 7030 §3.2.2) - Admin API under
/admin/with separate authentication
Middleware applied at the router level:
- Body size limit (
[server].max_body_size, default 64 KiB) - Request tracing (tracing spans per request)
- Audit logging for enrollment and admin operations
Modules§
- admin
- Admin API router with separate authentication.
- cacerts
GET /.well-known/est/cacerts— CA Certificates Request.- cmp
- CMP v3 endpoint (RFC 9810).
- cms_est
- CMS-wrapped EST endpoints (RFC 8295).
- csrattrs
GET /.well-known/est/csrattrs— CSR Attributes Request.- est
- EST operation router combining all RFC 7030 endpoints.
- fullcmc
POST /.well-known/est/fullcmc— Full CMC Request.- serverkeygen
POST /.well-known/est/serverkeygen— Server-Side Key Generation.- simpleenroll
POST /.well-known/est/simpleenroll— Simple Enrollment.- simplereenroll
POST /.well-known/est/simplereenroll— Simple Re-enrollment.- star
- STAR (Short-Term Automatic Renewal) endpoints (RFC 8739).
Structs§
- Label
Extractor - Resolved EST label configuration for the current request.
Functions§
- build_
router - Build the complete Kipuka HTTP router.