nautilus_cryptography/tls.rs
1// -------------------------------------------------------------------------------------------------
2// Copyright (C) 2015-2026 Nautech Systems Pty Ltd. All rights reserved.
3// https://nautechsystems.io
4//
5// Licensed under the GNU Lesser General Public License Version 3.0 (the "License");
6// You may not use this file except in compliance with the License.
7// You may obtain a copy of the License at https://www.gnu.org/licenses/lgpl-3.0.en.html
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14// -------------------------------------------------------------------------------------------------
15
16use std::sync::Arc;
17
18use rustls::{ClientConfig, RootCertStore};
19use webpki_roots;
20
21/// Loads a TLS client configuration with certificates.
22pub fn create_tls_config() -> Arc<ClientConfig> {
23 log::debug!("Loading certificates");
24
25 let mut root_store = RootCertStore::empty();
26 root_store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
27
28 let config = ClientConfig::builder()
29 .with_root_certificates(root_store)
30 .with_no_client_auth();
31
32 Arc::new(config)
33}