User Profile

For the past three years, I have been writing and maintaining a small but active REST service. It started life as a classic BSD sockets service, then moved to Swift NIO, and all that entails. The latest incarnation is nothing but native Network Framework, which seems to be the most bullet-proof of all. I have yet to crash it with the ApacheBench (ab) tool. Slow it down, maybe, but yet to crash it. Kudos to Apple on the NW Framework! Now, I require adding a TLS-based listener. I have searched these forums and many other Internet sites for sample code, but to no avail. There is much about configuring an iOS client app, but almost nothing on the macOS listener side. Below is a snippet of code in the init?() of my HTTPService class. Any suggestions on how to code in the correct TLS options would be greatly appreciated. init?( port: UInt16, tls: Bool = false ) { . . . let TLS_opts = NWProtocolTLS.Options() let TCP_opts = NWProtocolTCP.Options()     TCP_opts.disableECN         = true    // Explicit Congestion Notification     TCP_opts.enableKeepalive    = false   // Send Keep-Alive packets     TCP_opts.connectionTimeout  = 5       // Connection handshake timeout (seconds)     TCP_opts.connectionDropTime = 5       // Seconds TCP will do packet retransmission if (tls) {   let sec_opts = TLS_opts.securityProtocolOptions   // I’m completely stuck in the sparse documentation at this point!   //   // For testing purposes, I have a self-signed certificate in the System keychain with   // the identifier: “Server.local”   //   // How do I enable TLS using this (or a real) certificate?   } let Parameters = NWParameters(tls: TLS_opts, tcp: TCP_opts)     Parameters.allowLocalEndpointReuse = true guard let L = try? NWListener( using: Parameters, on: NWEndpoint.Port(rawValue: port) )   else { return nil } self.Listener = L self.Listener.newConnectionHandler = NewConnection(_:) . . . }