Inspired by the rustls-tls-native-roots feature in Reqwest, would this project be open to a feature flag to enable pulling root certificates from the native store via rustls-native-certs?
It's possible today to add them manually using the add_root_certificate method, however that adds a couple of complications:
- The consumer needs to make sure to exactly match the
rustls-native-certs version to the rustls version used transitively within attohttpc
- The consumer needs to create helpers to make sure that all requests go through a
RequestBuilder that adds those certs.
- Some native stores hold old certs with invalid formats, which are rejected when they're added using
add_root_certificate (see a comment in the reqwest implementation)
Having the ability to use the native store built in to attohttpc would alleviate all of these and allow consumers to opt-in easily via a feature flag.
I'm happy to take on creating a PR, if it's a feature you're open to adding.
Inspired by the
rustls-tls-native-rootsfeature in Reqwest, would this project be open to a feature flag to enable pulling root certificates from the native store viarustls-native-certs?It's possible today to add them manually using the
add_root_certificatemethod, however that adds a couple of complications:rustls-native-certsversion to therustlsversion used transitively withinattohttpcRequestBuilderthat adds those certs.add_root_certificate(see a comment in thereqwestimplementation)Having the ability to use the native store built in to attohttpc would alleviate all of these and allow consumers to opt-in easily via a feature flag.
I'm happy to take on creating a PR, if it's a feature you're open to adding.