Expand description

rustls-native-certs allows rustls to use the platform’s native certificate store when operating as a TLS client.

It provides a single function load_native_certs(), which returns a collection of certificates found by reading the platform-native certificate store. Certificate here is just a marker newtype that denotes a DER-encoded X.509 certificate encoded as a Vec<u8>.

If you want to load these certificates into a rustls::RootCertStore, you’ll likely want to do something like this:

let mut roots = rustls::RootCertStore::empty();
for cert in rustls_native_certs::load_native_certs().expect("could not load platform certs") {


A newtype representing a single DER-encoded X.509 certificate encoded as a Vec<u8>.


Load root certificates found in the platform’s native certificate store.