Hcs.Tls_config

hcs · API reference

TLS configuration helpers for servers and clients.

Use this module to configure certificates, client verification behavior, ALPN protocol selection, and intentionally insecure test clients.

TLS configuration and helpers for HCS.

This module provides TLS configuration that works with tls-eio and ca-certs for system certificate loading.

ALPN Protocol Identifiers

val alpn_h2 : string

HTTP/2 over TLS ALPN identifier

val alpn_http11 : string

HTTP/1.1 ALPN identifier

val alpn_h2c : string

HTTP/2 cleartext (h2c) identifier - used in Upgrade header, not ALPN

type protocol = 
  | HTTP_1_1
  | HTTP_2

Protocol type for negotiation results

val protocol_of_alpn : string -> protocol option

Convert ALPN string to protocol type

val alpn_of_protocol : protocol -> string

Convert protocol to ALPN string

module Client : sig ... end

Client TLS configuration

module Server : sig ... end

val failure_to_string : Tls.Engine.failure -> string

Convert TLS failure to string

val client_wrap : 
  config:Client.t ->
  [> `Close | `Flow | `R | `Shutdown | `W ] Eio.Std.r ->
  (Tls_eio.t, string) result

Wrap an Eio flow with TLS (client side)

val server_wrap : 
  Server.t ->
  [> `Close | `Flow | `R | `Shutdown | `W ] Eio.Std.r ->
  (Tls_eio.t, string) result

Wrap an Eio flow with TLS (server side)

val negotiated_protocol : Tls_eio.t -> protocol option