For a newer project I'm surprised their documentation makes this recommendation:
> Next we load some root certificates. These are used to authenticate the server. The recommended way is to depend on the webpki_roots crate which contains the Mozilla set of root certificates.
The correct certificates to use are the ones that the OS says are trusted. Applications shouldn't ship with a cert bundle that overrides what I trust.
> Next we load some root certificates. These are used to authenticate the server. The recommended way is to depend on the webpki_roots crate which contains the Mozilla set of root certificates.
The correct certificates to use are the ones that the OS says are trusted. Applications shouldn't ship with a cert bundle that overrides what I trust.