This adds a new config builder option, CustomCAFile and associated C binding to the server and client SDKs.
When specified, the SDK's streaming, polling, and event connections will verify its TLS peer based on the CAs found in this file. The custom file may be un-set by passing an empty string.
We could instead make empty string be a configuration error, but it would involve changing the signature for the Build() methods of the HTTPs properties + TLS properties builders. That might be a safer default, although potentially less convenient.
This adds a new config builder option,
CustomCAFile
and associated C binding to the server and client SDKs.When specified, the SDK's streaming, polling, and event connections will verify its TLS peer based on the CAs found in this file. The custom file may be un-set by passing an empty string.
We could instead make empty string be a configuration error, but it would involve changing the signature for the
Build()
methods of the HTTPs properties + TLS properties builders. That might be a safer default, although potentially less convenient.