[Feature Request] Support the use of custom CA cert via the env variable REQUESTS_CA_BUNDLE or CURL_CA_BUNDLE or CARGO_HTTP_CAINFO

[Owen-CH-Leung]

I was trying to build a rust project and compile it into a python window wheel using maturin and I encountered the issue as described below:

PyO3/maturin#1836

From the erroneous output, I notice that there's an error whenever it tried to reach the domain https://aka.ms to download the microsoft CRT files. As described in the above issue, even though the env variables such as MATURIN_CA_BUNDLE, REQUESTS_CA_BUNDLE, CURL_CA_BUNDLE, CARGO_HTTP_CAINFO, SSL_CERT_FILE have been set, there're still the error tls connection init failed: invalid peer certificate: UnknownIssuer. But network-wise, it's able to reach the domain, proven by the valid output from the command curl --ca-cert [path-to-ca-cert] https://aka.ms

Since maturin uses this crate as part of their dependency, I have looked at the source code of this repo to understand how the http request is fired out. From what I understand, it doesn't seem to support the use of custom cert:

https://github.com/Jake-Shadle/xwin/blob/main/src/manifest.rs#L118
https://github.com/Jake-Shadle/xwin/blob/main/src/ctx.rs#L136

I'm not sure if I read it correctly, so feel free to correct me if I'm wrong. Meanwhile, can I ask if we can add the feature to support the use of custom CA cert (possibly by respecting the presence of env variable such as REQUESTS_CA_BUNDLE, CURL_CA_BUNDLE, CARGO_HTTP_CAINFO, SSL_CERT_FILE ? )

Thanks

[Jake-Shadle]

I don't have time to work on this now, please file a PR if this is critical for you.