
Support for reading PEM-encoded CA Certificates from a PEM-encoded String

Open barafael opened this issue 6 months ago • 1 comments

Proposed change

Support passing certificates directly to the ConnectOptions as a String or Vec<u8>, in addition to the existing support for file paths.

Use case

On systems without access to the file system (like cloud-hosted container images), it can be difficult to pass certificates as files to ConnectOptions::add_root_certificates. As a user of the application, you may have no filesystem access, even though you have admin access to the application itself.

Contribution

We are interested in contributing to this.

barafael avatar Jan 04 '24 09:01 barafael

I understand your need, however this has a drawback: it does not allow reloading certs during the lifetime of the application.

I would consider using a similar callback we have for auth - one that is called every time the connection is re-established (or established for the first time).

It will complicate the codebase a bit, but if this approach is also used for file-based certs as a provided implementation for the library, maybe it would be ok.

Would be best to experiment with this idea before making the call.

Jarema avatar Jan 08 '24 07:01 Jarema
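
The issue's in-memory PEM parsing combined with the reply's call-on-every-connect idea, as an added example that is not async-nats code and not written by either participant. `parse_ca_bundle`, `roots_on_connect` and `SAMPLE` are hypothetical names, and the base64 payloads are constructed stand-ins rather than real certificates.

```rust
// Added example, std only; every name below is hypothetical, not async-nats API.
const BEGIN: &str = "-----BEGIN CERTIFICATE-----";
const END: &str = "-----END CERTIFICATE-----";
const B64: &[u8] = b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
// Constructed sample: payloads decode to "ManMan" and "hello", not real certificates.
const SAMPLE: &str = "-----BEGIN CERTIFICATE-----\nTWFu\nTWFu\n-----END CERTIFICATE-----\n\
    -----BEGIN CERTIFICATE-----\naGVsbG8=\n-----END CERTIFICATE-----\n";

/// Strict base64 decode (RFC 4648); input must already be free of whitespace.
fn b64_decode(s: &str) -> Result<Vec<u8>, String> {
    let body = s.trim_end_matches('=');
    if s.is_empty() || s.len() % 4 != 0 || s.len() - body.len() > 2 { return Err("bad base64 length".into()); }
    let (mut out, mut acc, mut bits) = (Vec::new(), 0u32, 0u32);
    for c in body.bytes() {
        let v = B64.iter().position(|&a| a == c).ok_or("invalid base64 byte")?;
        acc = (acc << 6) | v as u32;
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
            acc &= (1u32 << bits) - 1; // keep only the bits not yet emitted
        }
    }
    Ok(out)
}

/// DER bytes of each CERTIFICATE block. Fails closed: never an empty trust store.
fn parse_ca_bundle(pem: &str) -> Result<Vec<Vec<u8>>, String> {
    let (mut certs, mut open): (Vec<Vec<u8>>, Option<String>) = (Vec::new(), None);
    for line in pem.lines().map(str::trim) {
        if line == BEGIN {
            if open.replace(String::new()).is_some() { return Err("nested BEGIN".into()); }
        } else if line == END {
            certs.push(b64_decode(&open.take().ok_or("END without BEGIN")?)?);
        } else if let Some(buf) = open.as_mut() {
            buf.push_str(line); // text outside a block is ignored
        }
    }
    if open.is_some() { return Err("unterminated certificate block".into()); }
    if certs.is_empty() { return Err("no CERTIFICATE block found".into()); }
    Ok(certs)
}

/// Hypothetical reconnect hook: asks `provider` for the bundle on every call, so a rotated CA is picked up.
fn roots_on_connect(provider: &mut dyn FnMut() -> String) -> Result<Vec<Vec<u8>>, String> {
    parse_ca_bundle(&provider())
}

fn main() { println!("{:?}", roots_on_connect(&mut || SAMPLE.to_string())); }
```

Rejecting an empty or truncated bundle at parse time matters here because a provider that returns nothing after a failed secret fetch would otherwise leave the client with no roots configured on the next reconnect.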