Rustls Can Now Work With Nginx Via New OpenSSL Compatibility Layer
Rustls is the modern TLS library written in the Rust programming language with a large emphasis on memory safety and security. Rustls is backed by Google, AWS, and others as well as being a recipient of Germany's Sovereign Tech Fund. The latest exciting milestone for the open-source project is that Rustls can now work with Nginx.
Via a new "rustls-openssl-compat" OpenSSL compatibility layer started by the Rustls project, this Rust TLS implementation can now work with the Nginx web server. This compatibility layer provides an implementation of OpenSSL's SSL library "libssl" ABI.
This layer has been successfully tested with recent versions of Nginx to allow switching from OpenSSL to the memory-safe Rustls by simply swapping out the library.
The announcement this week notes:
Those wanting to learn more in general about Rustls can do so via the project's GitHub.
Via a new "rustls-openssl-compat" OpenSSL compatibility layer started by the Rustls project, this Rust TLS implementation can now work with the Nginx web server. This compatibility layer provides an implementation of OpenSSL's SSL library "libssl" ABI.
This layer has been successfully tested with recent versions of Nginx to allow switching from OpenSSL to the memory-safe Rustls by simply swapping out the library.
The announcement this week notes:
"After investing heavily in Rustls over the last few years, we now see it as a viable, performant, and memory safe alternative to OpenSSL. Recent releases have brought pluggable cryptography with FIPS support, performance optimizations, post-quantum key exchange, and numerous other improvements. In the coming months, we will focus on improving performance in the few areas where Rustls doesn't already surpass OpenSSL and add support for RFC 8879 for certificate compression. ISRG's Let's Encrypt certificate authority will begin replacing OpenSSL with Rustls later this year."
Those wanting to learn more in general about Rustls can do so via the project's GitHub.
31 Comments