diff --git a/CHANGELOG.md b/CHANGELOG.md index 6a50109..02a52ba 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ All notable changes to this project will be documented in this file. +## [Unreleased] + +### Changed +- `rustls` feature now enables both `rustls-tls-native-roots` and `rustls-tls-webpki-roots` for reqwest + - Provides support for system certificates (including those installed by Cloudflare WARP or corporate VPNs) + - Falls back to bundled Mozilla certificates in minimal environments + - Both certificate stores are merged, providing maximum compatibility + ## v0.20.0 -- 2025-10-29 ### Added diff --git a/Cargo.toml b/Cargo.toml index 6ba3bb3..bc33337 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -104,7 +104,8 @@ native-tls = [ ] rustls = [ "dep:rustls_sys", - "reqwest?/rustls-tls", + "reqwest?/rustls-tls-native-roots", + "reqwest?/rustls-tls-webpki-roots", "suppaftp?/rustls", "rust-s3?/sync-rustls-tls" ] diff --git a/README.md b/README.md index 0d7cb59..84f2cb3 100644 --- a/README.md +++ b/README.md @@ -68,7 +68,7 @@ oneio = { version = "0.20", features = ["async"] } - `s3` - S3-compatible storage **TLS Backends** (for HTTPS - mutually exclusive): -- `rustls` - Pure Rust TLS (use with `http`) +- `rustls` - Pure Rust TLS (use with `http`). Uses both system certificates and bundled Mozilla certificates for maximum compatibility with corporate VPNs and minimal environments. - `native-tls` - Platform native TLS (use with `http`) **Additional**: diff --git a/src/lib.rs b/src/lib.rs index 0d2dc7e..a415c50 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -62,7 +62,7 @@ oneio = { version = "0.20", features = ["async"] } - `s3` - S3-compatible storage **TLS Backends** (for HTTPS - mutually exclusive): -- `rustls` - Pure Rust TLS (use with `http`) +- `rustls` - Pure Rust TLS (use with `http`). Uses both system certificates and bundled Mozilla certificates for maximum compatibility with corporate VPNs and minimal environments. - `native-tls` - Platform native TLS (use with `http`) **Additional**: