
feat(tls): Add rustls-platform-verifier support

Open tottoto opened this issue 1 year ago • 3 comments

Adds rustls-platform-verifier support.

Oct 05 '24 08:10 tottoto

These are needed for macOS and Windows.

https://github.com/rustls/rustls-platform-verifier/pull/133
https://github.com/rustls/rustls-platform-verifier/pull/135

Oct 05 '24 09:10 tottoto

It would be good to get @djc's thoughts here, since the benefits listed by rustls-platform-verifier itself seem good, albeit small... and it's not clear to me if there are more and/or worse platform support caveats using this vs sticking with rustls-native-certs.

Oct 22 '24 19:10 tobz

As @tottoto suggested in a previous comment (though it might not be quite clear), released versions of rustls-platform-verifier don't have all the API in place to support additivity with native-roots and webpki-roots across platforms, so might want to wait for that. The rustls project recommends ~all users migrate away from rustls-native-certs to using the rustls-platform-verifier.

https://github.com/rustls/rustls-platform-verifier/pull/148

Oct 22 '24 19:10 djc

Closing for now, feel free to reopen if we want to pick the work back up.

Jun 20 '25 15:06 LucioFranco

What is the current status for this feature? I have a use case where I need to support iOS and rustls-native-certs does not work (https://github.com/hyperium/tonic/issues/1403). Using tls-webpki-roots is not a very good solution for me as I would not like to package certificates with an application that could use the operating system certificates instead.

Is a workaround available with which it is somehow possible to inject rustls-platform-verifier while this feature is not merged?

Relevant for https://github.com/TimOrtel/GRPC-Kotlin-Multiplatform/issues/60

Jul 29 '25 18:07 TimOrtel