diff --git a/CHANGELOG.md b/CHANGELOG.md index 41a5429f..c9adf8fb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,8 @@ The minor version will be incremented upon a breaking change and the patch versi ### Features +- client: add `ca_certificate` option ([#497](https://github.com/rpcpool/yellowstone-grpc/pull/497)) + ### Breaking ## 2024-12-15 diff --git a/examples/rust/src/bin/client.rs b/examples/rust/src/bin/client.rs index fbca240b..fe3afa6e 100644 --- a/examples/rust/src/bin/client.rs +++ b/examples/rust/src/bin/client.rs @@ -12,11 +12,12 @@ use { collections::HashMap, env, fs::File, + path::PathBuf, sync::Arc, time::{Duration, Instant, SystemTime, UNIX_EPOCH}, }, tokio::{fs, sync::Mutex}, - tonic::transport::channel::ClientTlsConfig, + tonic::transport::{channel::ClientTlsConfig, Certificate}, yellowstone_grpc_client::{GeyserGrpcClient, GeyserGrpcClientError, Interceptor}, yellowstone_grpc_proto::{ convert_from, @@ -52,6 +53,10 @@ struct Args { /// Service endpoint endpoint: String, + /// Path of a certificate authority file + #[clap(long)] + ca_certificate: Option, + #[clap(long)] x_token: Option, @@ -117,9 +122,14 @@ impl Args { } async fn connect(&self) -> anyhow::Result> { + let mut tls_config = ClientTlsConfig::new().with_native_roots(); + if let Some(path) = &self.ca_certificate { + let bytes = fs::read(path).await?; + tls_config = tls_config.ca_certificate(Certificate::from_pem(bytes)); + } let mut builder = GeyserGrpcClient::build_from_shared(self.endpoint.clone())? .x_token(self.x_token.clone())? - .tls_config(ClientTlsConfig::new().with_native_roots())? + .tls_config(tls_config)? .max_decoding_message_size(self.max_decoding_message_size); if let Some(duration) = self.connect_timeout_ms {