Can partially perform commands on servers with self-signed CA #9
Description
Hello,
Thank you for all the work you've done on this project.
I'm trying to use the rc client in version 0.1.3 (on a Linux) with a RustFS server, in version 1.0.0-alpha.80, having a certificate signed by a self-signed CA.
Without specific configuration I got the following errors:
$ rc ls rustfs/
✗ Failed to list buckets: Network error: dispatch failure
$ rc admin user list rustfs
✗ Failed to list users: Network error: Request failed: error sending request for url (https://rustfs.local:9000/rustfs/admin/v3/list-users)
These errors, even if not really explicit, make sense as the rc client should not trust the server.
I tried using the insecure alias setting even if I don't really want to use it:
$ rc ls rustfs/
✗ Failed to list buckets: Network error: dispatch failure
$ rc admin user list rustfs
● user
It is working for admin operations but not for S3 operations.
I assume this is because the S3 operations are using the aws-sdk-rust crate while the admin operations are using the reqwest crate with rustls-tls feature.
I tried adding the server certificate to system trusted root store without the rc insecure setting:
$ rc ls rustfs/
[2026-01-28 07:37:21] 0B test/
$ rc admin user list rustfs
✗ Failed to list users: Network error: Request failed: error sending request for url (https://rustfs.local:9000/rustfs/admin/v3/list-users)
If I combine adding the certificate to the system trusted root store and the insecure setting, I am able to perform both S3 operations and Admin operations:
$ rc ls rustfs/
[2026-01-28 07:37:21] 0B test/
$ rc admin user list rustfs
● user
It would be nice to be able to trust root CA from the trust store for both S3 and Admin operations.
I found that reqwest has added the support for rustls-platform-verifier: Add support for rustls-platform-verifier on version 0.13.0.
Will it be a solution to upgrade the reqwest crate dependency to version 0.13.0 with feature rustls-tls-native-roots? rc seems to use version 0.12.0 at the moment.