👋🏽 In our use-case we'd prefer not to have to generate files for providing root certs and client keys to mysql_async -- we already have those values as bytes and for security reasons don't want to expose them to the filesystem.
This PR adds a with_root_cert option to SslOpts to allow providing root CA certs directly, which are merged with any other certs specified by with_root_cert_path.
This also adds a ClientIdentity::new_from_bytes method to allow instantiating a native-tls ClientIdentity using the pkcs12 archive directly.
In both cases I avoided changing any existing APIs, but feel free to suggest an alternative design or implementation. Thanks!
👋🏽 In our use-case we'd prefer not to have to generate files for providing root certs and client keys to
mysql_async
-- we already have those values as bytes and for security reasons don't want to expose them to the filesystem.This PR adds a
with_root_cert
option toSslOpts
to allow providing root CA certs directly, which are merged with any other certs specified bywith_root_cert_path
. This also adds aClientIdentity::new_from_bytes
method to allow instantiating a native-tlsClientIdentity
using the pkcs12 archive directly. In both cases I avoided changing any existing APIs, but feel free to suggest an alternative design or implementation. Thanks!