From 187f4f033509cb616582d0645ff5cf1ea77bac76 Mon Sep 17 00:00:00 2001
From: Peter Neumark <neumark.peter@gmail.com>
Date: Wed, 14 Sep 2022 16:55:38 +0200
Subject: [PATCH] feat: Allow use of system default TLS trusted root by
 omitting the trusted_root client config parameter. (#192)

---
 src/config.rs        | 5 -----
 src/transport/tls.rs | 6 +++++-
 2 files changed, 5 insertions(+), 6 deletions(-)

diff --git a/src/config.rs b/src/config.rs
index 6af9c26..8b9cd3d 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -296,11 +296,6 @@ impl Config {
                         .as_ref()
                         .and(tls_config.pkcs12_password.as_ref())
                         .ok_or_else(|| anyhow!("Missing `pkcs12` or `pkcs12_password`"))?;
-                } else {
-                    tls_config
-                        .trusted_root
-                        .as_ref()
-                        .ok_or_else(|| anyhow!("Missing `trusted_root`"))?;
                 }
                 Ok(())
             }
diff --git a/src/transport/tls.rs b/src/transport/tls.rs
index 8043360..80d0fbd 100644
--- a/src/transport/tls.rs
+++ b/src/transport/tls.rs
@@ -42,7 +42,11 @@ impl Transport for TlsTransport {
                     .build()?;
                 Some(TlsConnector::from(connector))
             }
-            None => None,
+            None => {
+                // if no trusted_root is specified, allow TlsConnector to use system default
+                let connector = native_tls::TlsConnector::builder().build()?;
+                Some(TlsConnector::from(connector))
+            },
         };
 
         let tls_acceptor = match config.pkcs12.as_ref() {