self_signed_certs/
main.rs

1use hyper_custom_cert::HttpClient;
2use std::collections::HashMap;
3use std::time::Duration;
4
5fn main() {
6    // Default secure client (uses OS trust store when built with default features)
7    let mut headers = HashMap::new();
8    headers.insert("x-app".into(), "example".into());
9
10    let client = HttpClient::builder()
11        .with_timeout(Duration::from_secs(10))
12        .with_default_headers(headers)
13        .build();
14
15    // Demonstrate a request (no network I/O in this example crate yet)
16    client
17        .request("https://example.com")
18        .expect("request should succeed on native targets");
19
20    // Production with rustls + custom Root CA (e.g., self-signed for your private service)
21    // Note: Requires building with: --no-default-features --features rustls
22    #[cfg(feature = "rustls")]
23    {
24        // Option 1: Load CA certificate from raw PEM bytes
25        let ca_pem: &[u8] =
26            b"-----BEGIN CERTIFICATE-----\n...your root ca...\n-----END CERTIFICATE-----\n";
27        let _rustls_client = HttpClient::builder()
28            .with_timeout(Duration::from_secs(10))
29            .with_root_ca_pem(ca_pem)
30            .build();
31        let _ = _rustls_client.request("https://private.local");
32
33        // Option 2: Load CA certificate from a file path
34        // Note: This will panic if the file doesn't exist - ensure your cert file is available
35        // let _rustls_client_from_file = HttpClient::builder()
36        //     .with_timeout(Duration::from_secs(10))
37        //     .with_root_ca_file("path/to/your/root-ca.pem")
38        //     .build();
39        // let _ = _rustls_client_from_file.request("https://private.local");
40    }
41
42    // Local development only: accept invalid/self-signed certs (dangerous)
43    // Build with: --features insecure-dangerous (or with rustls,insecure-dangerous)
44    #[cfg(feature = "insecure-dangerous")]
45    {
46        // Shortcut:
47        let _dev_client = HttpClient::with_self_signed_certs();
48        let _ = _dev_client.request("https://localhost:8443");
49
50        // Or explicit builder method:
51        let _dev_client2 = HttpClient::builder()
52            .insecure_accept_invalid_certs(true)
53            .build();
54        let _ = _dev_client2.request("https://localhost:8443");
55    }
56
57    println!("Example finished. See README for feature flags and commands.");
58}