Crate rustls_native_certs

rustls-native-certs allows rustls to use the platform’s native certificate store when operating as a TLS client.

It provides a single function load_native_certs(), which returns a collection of certificates found by reading the platform-native certificate store.

If the SSL_CERT_FILE environment variable is set, certificates (in PEM format) are read from that file instead.

Certificate here is just a marker newtype that denotes a DER-encoded X.509 certificate encoded as a Vec<u8>.

If you want to load these certificates into a rustls::RootCertStore, you’ll likely want to do something like this:

let mut roots = rustls::RootCertStore::empty();
for cert in rustls_native_certs::load_native_certs().expect("could not load platform certs") {
    roots
        .add(&rustls::Certificate(cert.0))
        .unwrap();
}

Structs

• Certificate
  A newtype representing a single DER-encoded X.509 certificate encoded as a Vec<u8>.

Functions

• load_native_certs
  Load root certificates found in the platform’s native certificate store.