Feature hyper-rustls requires dynamically linked CA certificates
Closed this issue · 2 comments
enfipy commented
Even if I add egg-mode
like this:
egg-mode = { version = "0.14", features = ["hyper-rustls"], default-features = false }
I run into the following errors:
WARN rustls::session > Sending fatal alert BadCertificate
ERROR server::error > Network error: error trying to connect: invalid certificate: UnknownIssuer
I figured out that hyper-rustls started to use rustls-native-certs
from v18.
How can it be fixed without adding CA certs to the root?
QuietMisdreavus commented
It looks like hyper-rustls
version 0.20 introduced a webpki-tokio
feature to use compiled-in root certificates from webpki-roots
instead of rustls-native-certs
. We could expose that feature in egg-mode to allow you to use those certificates instead of using the root certs on your system. I'll give this a shot and add it in if it works.
QuietMisdreavus commented
Update: i got it working locally, so i've opened #95 to enable this. I'll make sure to merge it before cutting the next release with the raw
stuff in it.