How can i add a der certificate into rustls?

let root_store = RootCertStore::add(/* i want to add &[u8] of a raw der here*/);

also how can i connect to my designated server without this weird "server name" or dns, i just want to import a self signed cert and connect to my private server via ip

let server_name = "www.rust-lang.org".try_into()?;
let conn = rustls::ClientConnection::new(Arc::new(config), server_name)?;
let sock = TcpStream::connect(addr)?;
let tls = rustls::StreamOwned::new(conn, sock);
Ok(TlsStream { stream: tls })

Something like this should work:

    let der_bytes: &[u8] = include_bytes!("my_cert.der").as_slice();
    let cert = CertificateDer::from(der_bytes).unwrap();
    let mut certs = RootCertStore::empty();
    certs.add(cert);
    let config = ClientConfig::builder().with_root_certificates(certs);

You can replace include_bytes! with std::fs::read if you want to read the certificate at runtime instead of compile time.

ServerName can be an IP address instead of a hostname:

let server_name = ServerName::IpAddress(IpAddr::try_from("127.0.0.1").unwrap());

This topic was automatically closed 90 days after the last reply. We invite you to open a new topic if you have further questions or comments.