I am using hyper-tls library to build a https client and meet hyper::Error(Connect, Custom { kind: Other, error: Custom { kind: InvalidData, error: InvalidCertificate(UnknownIssuer) } }) error when using it to access a existing system via token.
We only have token for the client side, does the client can turn off certificate checking? Do we have any example for how to disable certificate verification.
Following is my code:
let https_connector = TimeoutConnector::new(
hyper_rustls::HttpsConnectorBuilder::new()
.with_native_roots()
.https_only()
.enable_all_versions()
.build(),
);
let https_client = Client::builder().build::<_, hyper::Body>(https_connector);
let uri =
"my_url".parse::<Uri>()?;
let req = hyper::Request::builder()
.method(Method::GET)
.uri(uri)
.header(CONTENT_TYPE, "application/json")
.header(AUTHORIZATION, "my_token".to_string())
.body(Body::from(String::new()))?;
I also test the following code to set custom certificate verifier. But got 500 Internal Server Error , I am sure the token and RUL is correct in my code , curl -k command works well with the token and URL.
struct NoCertificateVerification;
impl ServerCertVerifier for NoCertificateVerification {
fn verify_server_cert(
&self,
_end_entity: &rustls::Certificate,
_intermediates: &[rustls::Certificate],
_server_name: &ServerName,
_scts: &mut dyn Iterator<Item = &[u8]>,
_ocsp_response: &[u8],
_now: SystemTime,
) -> Result<ServerCertVerified, rustls::Error> {
#[cfg(not(test))]
println!("IGNORING SERVER CERT, Please ensure that I am removed to actually validate TLS.");
Ok(ServerCertVerified::assertion())
}
}
#[tokio::main]
async fn main() -> Result<(), Box<dyn Error>> {
let config = ClientConfig::builder()
.with_safe_defaults()
.with_custom_certificate_verifier(std::sync::Arc::new(NoCertificateVerification))
.with_no_client_auth();
let https_connector = TimeoutConnector::new(
hyper_rustls::HttpsConnectorBuilder::new()
.with_tls_config(config)
.https_only()
.enable_http1()
.build(),
);
let https_client = Client::builder().build::<_, hyper::Body>(https_connector);
let uri =
"my_url".parse::<Uri>()?;
let req: hyper::Request<Body> = hyper::Request::builder()
.method(Method::GET)
.uri(uri)
.header(CONTENT_TYPE, "application/json")
.header(AUTHORIZATION, "my_token".to_string())
.body(Body::from(String::new()))?;
let req = https_client.request(req).await?;
println!("{} ", req.status());
let body = req.into_body();
let bytes = hyper::body::to_bytes(body).await.unwrap();
println!("{}", String::from_utf8_lossy(&bytes));
Ok(())
}
I am using hyper-tls library to build a https client and meet
hyper::Error(Connect, Custom { kind: Other, error: Custom { kind: InvalidData, error: InvalidCertificate(UnknownIssuer) } })error when using it to access a existing system via token.We only have token for the client side, does the client can turn off certificate checking? Do we have any example for how to disable certificate verification.
Following is my code:
I also test the following code to set custom certificate verifier. But got
500 Internal Server Error, I am sure the token and RUL is correct in my code ,curl -kcommand works well with the token and URL.