Name	Name	Last commit message	Last commit date
Latest commit Lukasa Update tools version to 5.9 (#508 ) Feb 5, 2025 0cc3528 · Feb 5, 2025 History 353 Commits
.github	.github	CI use 6.1 nightlies (#504 )	Jan 30, 2025
Benchmarks	Benchmarks	update benchmark thresholds to nightly 6.1 (#505 )	Jan 30, 2025
IntegrationTests	IntegrationTests	Switch allocation benchmarks to GHA (#488 )	Oct 25, 2024
Sources	Sources	Actually disable hostname validation on Apple platforms when asked (#502	Jan 3, 2025
Tests/NIOSSLTests	Tests/NIOSSLTests	Add explicit import of NIOCore (#503 )	Jan 29, 2025
dev	dev	Add our preferred commit template to the repository. (#5 )	Feb 22, 2018
docker	docker	Switch allocation benchmarks to GHA (#488 )	Oct 25, 2024
scripts	scripts	Update BoringSSL to 9559c4566a6d12194c42db5f3dbbcb5de35cfec2 (#496 )	Dec 9, 2024
.editorconfig	.editorconfig	add .editorconfig file (#490 )	Nov 15, 2024
.gitattributes	.gitattributes	tell github that Sources/CNIOBoringSSL is vendored (#180 )	Feb 5, 2020
.gitignore	.gitignore	universal bootstrap support (#185 )	Mar 23, 2020
.licenseignore	.licenseignore	Migrate to GitHub Actions (#487 )	Oct 25, 2024
.spi.yml	.spi.yml	Add .spi.yml for Swift Package Index DocC support (#410 )	Dec 3, 2022
.swift-format	.swift-format	Migrate to GitHub Actions (#487 )	Oct 25, 2024
.unacceptablelanguageignore	.unacceptablelanguageignore	Migrate to GitHub Actions (#487 )	Oct 25, 2024
CODE_OF_CONDUCT.md	CODE_OF_CONDUCT.md	Adopt the Swift CoC (#433 )	Jun 6, 2023
CONTRIBUTING.md	CONTRIBUTING.md	Migrate to GitHub Actions (#487 )	Oct 25, 2024
CONTRIBUTORS.txt	CONTRIBUTORS.txt	initial commit	Jan 24, 2018
LICENSE.txt	LICENSE.txt	initial commit	Jan 24, 2018
NOTICE.txt	NOTICE.txt	Use BoringSSL for TLS. (#59 )	Feb 25, 2019
Package.swift	Package.swift	Update tools version to 5.9 (#508 )	Feb 5, 2025
README.md	README.md	Implement SSL_CTX_set_cert_cb (#456 )	Sep 16, 2024
SECURITY.md	SECURITY.md	Add SECURITY.md (#278 )	Mar 9, 2021

Repository files navigation

SwiftNIO SSL

SwiftNIO SSL is a Swift package that contains an implementation of TLS based on BoringSSL. This package allows users of SwiftNIO to write protocol clients and servers that use TLS to secure data in flight.

The name is inspired primarily by the names of the library this package uses (BoringSSL), and not because we don't know the name of the protocol. We know the protocol is TLS!

To get started, check out the API docs.

Using SwiftNIO SSL

SwiftNIO SSL provides two ChannelHandlers to use to secure a data stream: the NIOSSLClientHandler and the NIOSSLServerHandler. Each of these can be added to a Channel to secure the communications on that channel.

Additionally, we provide a number of low-level primitives for configuring your TLS connections. These will be shown below.

To secure a server connection, you will need a X.509 certificate chain in a file (either PEM or DER, but PEM is far easier), and the associated private key for the leaf certificate. These objects can then be wrapped up in a TLSConfiguration object that is used to initialize the ChannelHandler.

For example:

let configuration = TLSConfiguration.makeServerConfiguration(
    certificateChain: try NIOSSLCertificate.fromPEMFile("cert.pem").map { .certificate($0) },
    privateKey: try .privateKey(.init(file: "key.pem", format: .pem))
)
let sslContext = try NIOSSLContext(configuration: configuration)

let server = ServerBootstrap(group: group)
    .childChannelInitializer { channel in
        // important: The handler must be initialized _inside_ the `childChannelInitializer`
        let handler = NIOSSLServerHandler(context: sslContext)

        [...]
        channel.pipeline.addHandler(handler)
        [...]
    }

For clients, it is a bit simpler as there is no need to have a certificate chain or private key (though clients may have these things). Setup for clients may be done like this:

let configuration = TLSConfiguration.makeClientConfiguration()
let sslContext = try NIOSSLContext(configuration: configuration)

let client = ClientBootstrap(group: group)
    .channelInitializer { channel in
        // important: The handler must be initialized _inside_ the `channelInitializer`
        let handler = try NIOSSLClientHandler(context: sslContext)

        [...]
        channel.pipeline.addHandler(handler)
        [...]
    }

The most recent versions of SwiftNIO SSL support Swift 5.7 and newer. The minimum Swift version supported by SwiftNIO SSL releases are detailed below:

SwiftNIO SSL	Minimum Swift Version
`2.0.0 ..< 2.14.0`	5.0
`2.14.0 ..< 2.19.0`	5.2
`2.19.0 ..< 2.23.0`	5.4
`2.23.0 ..< 2.23.2`	5.5.2
`2.23.2 ..< 2.26.0`	5.6
`2.26.0 ..< 2.27.0`	5.7
`2.27.0 ...`	5.8

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

SwiftNIO SSL

Using SwiftNIO SSL

About

Releases 79

Packages

Contributors 50

Languages

License

apple/swift-nio-ssl

Folders and files

Latest commit

History

Repository files navigation

SwiftNIO SSL

Using SwiftNIO SSL

About

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases 79

Packages 0

Contributors 50

Languages

Packages