Allow custom certificates when connecting to BN (#2703)

## Issue Addressed Resolves #2262 ## Proposed Changes Add a new CLI flag `--beacon-nodes-tls-certs` which allows the user to specify a path to a certificate file (or a list of files, separated by commas). The VC will then use these certificates (in addition to the existing certificates in the OS trust store) when connecting to a beacon node over HTTPS. ## Additional Info This only supports certificates in PEM format.
2026-03-11 18:04:18 +00:00 · 2021-10-15 00:07:11 +00:00
parent 05040e68ec
commit 7c23e2142a
5 changed files with 80 additions and 3 deletions
--- a/validator_client/src/cli.rs
+++ b/validator_client/src/cli.rs
@@ -101,6 +101,16 @@ pub fn cli_app<'a, 'b>() -> App<'a, 'b> {
                        made to the beacon node. This flag is generally not recommended, \
                        longer timeouts can cause missed duties when fallbacks are used.")
        )
+        .arg(
+            Arg::with_name("beacon-nodes-tls-certs")
+                .long("beacon-nodes-tls-certs")
+                .value_name("CERTIFICATE-FILES")
+                .takes_value(true)
+                .help("Comma-separated paths to custom TLS certificates to use when connecting \
+                        to a beacon node. These certificates must be in PEM format and are used \
+                        in addition to the OS trust store. Commas must only be used as a \
+                        delimiter, and must not be part of the certificate path.")
+        )
        // This overwrites the graffiti configured in the beacon node.
        .arg(
            Arg::with_name("graffiti")