I’ve been trying to connect to an LND node using Rust.
I keep getting this error:
tonic::transport::Error(Transport, hyper::Error(Connect, Custom { kind: InvalidData, error: InvalidCertificate(Other(CaUsedAsEndEntity)) }))'
I decided to look at how lncli (written in Go) does this, and I came across these two functions:
NewClientTLSFromFile comes from google.golang.org/grpc/credentials
AppendCertsFromPEM comes from https://pkg.go.dev/crypto/x509
# certFile is just the path to the tls.cert provided by LND
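// NewClientTLSFromFile builds client-side TLS transport credentials that
// trust the PEM certificates stored in certFile.
//
// certFile is read in full, and every certificate that AppendCertsFromPEM
// accepts goes into a fresh pool that becomes tls.Config.RootCAs. The file's
// contents therefore act as the trust anchors for verifying the server; the
// file is not loaded as a client identity. serverNameOverride is passed
// through unchanged as tls.Config.ServerName.
//
// It returns the read error when certFile cannot be read, and an error when
// no certificate from the file was appended to the pool.
//
// NOTE(review): when certFile is LND's tls.cert, that certificate is
// presumably self-signed and also the one the server presents, so it is used
// as trust anchor and leaf at once. The CaUsedAsEndEntity error quoted on this
// page suggests the Rust TLS verifier rejects that arrangement; confirm how
// that verifier treats a CA certificate used as the server certificate before
// assuming both clients validate the same way.
func NewClientTLSFromFile(certFile, serverNameOverride string) (TransportCredentials, error) {
	b, err := ioutil.ReadFile(certFile)
	if err != nil {
		return nil, err
	}

	cp := x509.NewCertPool()
	// An empty pool would leave the client with no anchor for the server
	// certificate, so a file that yields no certificate is an error.
	if !cp.AppendCertsFromPEM(b) {
		return nil, fmt.Errorf("credentials: did not append certificates")
	}

	return NewTLS(&tls.Config{ServerName: serverNameOverride, RootCAs: cp}), nil
}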
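// AppendCertsFromPEM attempts to parse a series of PEM encoded certificates
// and adds each one that parses to the pool s.
//
// Blocks whose type is not "CERTIFICATE", blocks that carry PEM headers, and
// blocks that ParseCertificate rejects are skipped silently. The result is
// true as soon as at least one certificate was added, so a true return does
// not mean that every block in pemCerts was accepted; callers that need an
// all-or-nothing guarantee must check the input themselves.
//
// Nothing in this function inspects basic constraints or key usage: any
// certificate that parses is registered in the pool.
func (s *CertPool) AppendCertsFromPEM(pemCerts []byte) (ok bool) {
	for len(pemCerts) > 0 {
		var block *pem.Block
		block, pemCerts = pem.Decode(pemCerts)
		if block == nil {
			// No further PEM block in the remaining input.
			break
		}
		if block.Type != "CERTIFICATE" || len(block.Headers) != 0 {
			continue
		}

		certBytes := block.Bytes
		// Parse once up front so that invalid certificates never reach the pool.
		cert, err := ParseCertificate(certBytes)
		if err != nil {
			continue
		}

		// The pool entry is a getter; the certificate is parsed again only on
		// first use, and sync.Once guarantees that happens a single time.
		var lazyCert struct {
			sync.Once
			v *Certificate
		}
		// The entry is registered under the SHA-224 sum of cert.Raw and the
		// raw subject.
		s.addCertFunc(sha256.Sum224(cert.Raw), string(cert.RawSubject), func() (*Certificate, error) {
			lazyCert.Do(func() {
				// This can't fail, as the same bytes already parsed above.
				lazyCert.v, _ = ParseCertificate(certBytes)
				// Drop the closure's reference to the encoded bytes.
				certBytes = nil
			})
			return lazyCert.v, nil
		})
		ok = true
	}

	return ok
}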
I’ve been racking my brain over how to do this in Rust, but I haven’t been able to figure it out.
Sorry if this is a bad explanation.