Rust reqwest with Certificate and Key fails to be authorised

Question

When I am calling a Rest API that needs a certificate/key authorization I get an unauthorized error.

1. Create a identity by reading a pem-certificate and a private key:

    let key = match fs::read(key_filename) { ... };
    let cert = match fs::read(certificate_filename) {... };
    let ident = Identity::from_pkcs8_pem(&cert, &key).unwrap()

2. Client builder for setting the identity and default headers:

let client = Client::builder()
                   .default_headers(self.headers.clone())
                   .identity(ident.clone())
                   .build();

3. Make the request with additional header and queries

    let req = client.get(&hdlconnect.url)
                    .header(header::CONTENT_TYPE, "application/json")
                    .query(&query);

This produces an "Unauthorized" - status code although the Python-call with the same parameters works fine.

Moving the default-header to the request has not helped, therefore I assume that the Identity causes the issue. The building process does not complain only when the certificate and the key does not match.

I have no clue how to debug and solve the problem.

Many thanks for any hint.

Answer 1

The native-tls seeming does not work with file-based certificates and keys. When moving to rustls (reqwest feature = [rustls-tls]) it finally worked.

    let client = match Client::builder()
                         .use_rustls_tls()
                         .identity(auth)
                         .tls_info(true)
                         .connection_verbose(true)
                         .build() ..