Proposal: replace certFile
in Deno.ConnectTlsOptions with caCerts
#11608
Labels
breaking change
a change or feature that breaks existing semantics
feat
new feature (which has been agreed to/accepted)
public API
related to "Deno" namespace in JS
runtime
Relates to code in the runtime crate
The naming of the
certFile
argument inDeno.ConnectTlsOptions
is horrendous becausecertFile
is ambiguous if it is a CA certificate, or a client mTLS cert. It should becaFile
. Really it should becaData
though, with it being the users responsibility to read the file from disk. Even more really it should becaCerts
, taking an array of certificates (as string, encoded as PEM) to add to the trust store.Client certificates for mTLS should end up in the
certChain
andprivateKey
fields of theDeno.ConnectTlsOptions
, both taking a string encoded as PEM.Because the removal of
certFile
would be a breaking change, let's deprecate the field in the next release (1.13) using@deprecated
, and introduce thecaCerts
option.The same change should apply to
createHttpClient
andstartTls
.Any objections?
The text was updated successfully, but these errors were encountered: