http_client_tls.rs

 1use std::sync::OnceLock;
 2
 3use rustls::ClientConfig;
 4use rustls_platform_verifier::ConfigVerifierExt;
 5
 6static TLS_CONFIG: OnceLock<rustls::ClientConfig> = OnceLock::new();
 7
 8pub fn tls_config() -> ClientConfig {
 9    TLS_CONFIG
10        .get_or_init(|| {
11            // rustls uses the `aws_lc_rs` provider by default
12            // This only errors if the default provider has already
13            // been installed. We can ignore this `Result`.
14            rustls::crypto::aws_lc_rs::default_provider()
15                .install_default()
16                .ok();
17
18            ClientConfig::with_platform_verifier()
19        })
20        .clone()
21}