Skip to content

feat(tls): expose custom CA and mTLS options#87

Merged
zeevdr merged 1 commit into
mainfrom
feat/mtls-options
May 24, 2026
Merged

feat(tls): expose custom CA and mTLS options#87
zeevdr merged 1 commit into
mainfrom
feat/mtls-options

Conversation

@zeevdr
Copy link
Copy Markdown
Member

@zeevdr zeevdr commented May 24, 2026

Summary

  • Clients connecting to servers with private CAs or mTLS requirements had no way to supply credential material — only system roots were used.
  • Adds a tls option on ClientOptions accepting rootCerts, privateKey, and certChain (all Buffer, all optional).
  • The fields are passed directly to credentials.createSsl() in channel.ts, with no change to the insecure path.

Test plan

  • creates TLS channel with custom root CA — verifies tls.rootCerts accepted without error
  • creates TLS channel with mTLS client cert — spies on credentials.createSsl to verify all three buffers are forwarded
  • ignores tls option when insecure is true — insecure path unchanged
  • All 208 existing tests pass
  • TlsOptions exported from public index and verified with tsc --noEmit

Closes #56

@zeevdr @claude
feat(tls): expose custom CA and mTLS options on ClientOptions
9016a84 
Add TlsOptions interface with rootCerts, privateKey, certChain fields.
Wire them through createChannel into credentials.createSsl. Export
TlsOptions from the public index. Update docs with custom-CA and mTLS
examples. Add three new TLS tests.

Closes #56

Co-Authored-By: Claude <noreply@anthropic.com>
@zeevdr zeevdr added this to the Beta Readiness milestone May 24, 2026
@zeevdr zeevdr added size: S Quick win — a few hours or less priority: P1 Current milestone work labels May 24, 2026
@zeevdr zeevdr enabled auto-merge (squash) May 24, 2026 12:56
@codecov
Copy link
Copy Markdown

codecov Bot commented May 24, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@zeevdr zeevdr merged commit 5c42ac9 into main May 24, 2026
14 checks passed
@zeevdr zeevdr deleted the feat/mtls-options branch May 24, 2026 12:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

priority: P1 Current milestone work size: S Quick win — a few hours or less

Projects

None yet

Milestone

Beta Readiness

Development

Successfully merging this pull request may close these issues.

channel.ts: expose custom CA / mTLS options

1 participant

@zeevdr