Index: sdk/lib/io/http.dart |
diff --git a/sdk/lib/io/http.dart b/sdk/lib/io/http.dart |
index befa0435316c909bc51c304a5393dbb123cb1cd3..dd715599bed08cf8568bc05d5b5f5a031fa8cc85 100644 |
--- a/sdk/lib/io/http.dart |
+++ b/sdk/lib/io/http.dart |
@@ -93,23 +93,28 @@ abstract class HttpStatus { |
* |
* Use [bindSecure] to create an HTTPS server. |
* |
- * The server presents a certificate to the client. In the following |
- * example, the certificate is named `localhost_cert` and comes from |
- * the database found in the `pkcert` directory. |
+ * The server presents a certificate to the client. The certificate |
+ * chain and the private key are set in the SecurityContext |
+ * object that is passed to [bindSecure]. |
* |
* import 'dart:io'; |
* import "dart:isolate"; |
* |
* main() { |
- * var testPkcertDatabase = Platform.script.resolve('pkcert') |
- * .toFilePath(); |
- * SecureSocket.initialize(database: testPkcertDatabase, |
- * password: 'dartdart'); |
+ * SecurityContext context = new SecurityContext(); |
+ * var chain = |
+ * Platform.script.resolve('certificates/server_chain.pem') |
+ * .toFilePath(); |
+ * var key = |
+ * Platform.script.resolve('certificates/server_key.pem') |
+ * .toFilePath(); |
+ * context.useCertificateChain(chain); |
+ * context.usePrivateKey(key, password: 'dartdart'); |
* |
* HttpServer |
* .bindSecure(InternetAddress.ANY_IP_V6, |
* 443, |
- * certificateName: 'localhost_cert') |
+ * context) |
* .then((server) { |
* server.listen((HttpRequest request) { |
* request.response.write('Hello, world!'); |
@@ -118,10 +123,8 @@ abstract class HttpStatus { |
* }); |
* } |
* |
- * The certificate database is managed using the Mozilla certutil tool (see |
- * [NSS Tools certutil](https://developer.mozilla.org/en-US/docs/NSS/tools/NSS_Tools_certutil)). |
- * Dart uses the NSS library to handle SSL, and the Mozilla certutil |
- * must be used to manipulate the certificate database. |
+ * The certificates and keys are pem files, which can be created and |
+ * managed with the tools in OpenSSL and BoringSSL. |
* |
* ## Connect to a server socket |
* |
@@ -291,6 +294,7 @@ abstract class HttpServer implements Stream<HttpRequest> { |
static Future<HttpServer> bindSecure(address, |
int port, |
+ SecurityContext context, |
{int backlog: 0, |
bool v6Only: false, |
String certificateName, |
@@ -298,6 +302,7 @@ abstract class HttpServer implements Stream<HttpRequest> { |
bool shared: false}) |
=> _HttpServer.bindSecure(address, |
port, |
+ context, |
backlog, |
v6Only, |
certificateName, |
@@ -1331,7 +1336,7 @@ abstract class HttpClient { |
*/ |
String userAgent; |
- factory HttpClient() => new _HttpClient(); |
+ factory HttpClient({SecurityContext context}) => new _HttpClient(context); |
/** |
* Opens a HTTP connection. |