How to setup certification in agent-rs update call?

canister has a query concat method, and an update concat_update method.

call concat method by agent-rs, it works as expected

call concat_update by dfx, it works as expected

call concat method by agent-rs, it reports Certificate verification failed. the identity file is exported by “dfx identity export identity1”

Want to know how to setup certification in agent-rs update call

Best guess: you’re not fetching the root key.

fetch_root_key docs say:

By default, the agent is configured to talk to the main Internet Computer, and verifies responses using a hard-coded public key.
This function will instruct the agent to ask the endpoint for its public key, and use that instead. This is required when talking to a local test instance, for example.
Only use this when you are not talking to the main Internet Computer, otherwise you are prone to man-in-the-middle attacks! Do not call this function by default.

I suggest you do:

let a = Agent::builder().[...].unwrap();
agent.fetch_root_key().await?; // only if not talking to mainnet
[...]
a.update(...)
1 Like

@Severin thanks for clear info.
after adding fetch_root_key, it works.

1 Like