nautilus_cryptography/tls.rs
1// -------------------------------------------------------------------------------------------------
2// Copyright (C) 2015-2025 Posei Systems Pty Ltd. All rights reserved.
3// https://poseitrader.io
4//
5// Licensed under the GNU Lesser General Public License Version 3.0 (the "License");
6// You may not use this file except in compliance with the License.
7// You may obtain a copy of the License at https://www.gnu.org/licenses/lgpl-3.0.en.html
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14// -------------------------------------------------------------------------------------------------
15
16use std::sync::Arc;
17
18use rustls::{self, ClientConfig, RootCertStore};
19use webpki_roots;
20
21/// Loads a TLS client configuration with certificates.
22///
23/// # Panics
24///
25/// Panics if the configuration fails to load.
26pub fn create_tls_config() -> Arc<ClientConfig> {
27 tracing::debug!("Loading certificates");
28
29 let mut root_store = RootCertStore::empty();
30 root_store.extend(webpki_roots::TLS_SERVER_ROOTS.iter().cloned());
31
32 let config = ClientConfig::builder()
33 .with_root_certificates(root_store)
34 .with_no_client_auth();
35
36 Arc::new(config)
37}