Module TlsCommands 

Tauri commands exposing TLS certificate status and manual rotation.

TLS certificate management commands

Tauri commands that expose the local CA + server cert cache (managed by CertificateManager) to the webview. Each command lives in its own sibling file; the wire-bound names match the file names.

Currently registered nowhere - kept for the upcoming TLS-aware webview surface. Adding the entries to Binary/Main/Entry.rs::invoke_handler! is the activation step.

Modules

CertificateGenerationResult

Result envelope returned by tls_generate_cert.

CertificateStatus

TLS certificate status snapshot returned by tls_check_cert_status.

tls_check_cert_status

tls_check_cert_status Tauri command - parse a cached cert’s valid_until (RFC3339), compare against now, and flag whether renewal is due (within CertificateManager::RENEWAL_THRESHOLD_DAYS).

tls_delete_cert

tls_delete_cert Tauri command - currently aliased to renew_certificate (regenerates instead of removing). TODO: add a real CertificateManager::delete_certificate so the cache entry actually disappears.

tls_generate_cert

tls_generate_cert Tauri command - issue a fresh server cert under the CA for hostname (or return the existing valid one).

tls_get_all_certs

tls_get_all_certs Tauri command - hostname → cert info map for the diagnostic panel.

tls_get_ca_cert

tls_get_ca_cert Tauri command - returns the CA certificate PEM so the webview can pin it or install it into the system trust store.

tls_get_server_cert_info

tls_get_server_cert_info Tauri command - certificate info lookup for one hostname (returns None when no cached cert).

tls_initialize

tls_initialize Tauri command - loads the CA from the keyring or generates a fresh one. Must run before any other TLS command on this app handle.

tls_renew_certificate

tls_renew_certificate Tauri command - regenerates the cached server cert for hostname. The renewal fires inside a std::sync::Mutex so the lock must not be held across an await point today. A future migration to tokio::sync::Mutex will let this function await the renewal directly.