BrokenPipe Error Using TLS With Root Certificate

[cobbinma]

Bug Report

Version

tonic = { version = "0.11", features = ["tls"] }

❯ cargo tree | grep tonic
│   └── tonic v0.11.0
├── tonic v0.11.0 (*)
├── tonic-health v0.11.0
│   └── tonic v0.11.0 (*)
├── tonic-reflection v0.11.0
│   └── tonic v0.11.0 (*)
│   │   └── tonic v0.11.0 (*)

Platform

Darwin 0349 23.2.0 Darwin Kernel Version 23.2.0: Wed Nov 15 21:53:34 PST 2023; root:xnu-10002.61.3~2/RELEASE_ARM64_T8103 arm6

Description

We recently upgraded tonic to v0.11.0 from v0.8 and are now receiving 'broken pipe' errors when trying to send requests to a remote server using tls with the mac root certificate.

called `Result::unwrap()` on an `Err` value: Status { code: Unknown, message: "transport error", source: Some(tonic::transport::Error(Transport, hyper::Error(Io, Custom { kind: BrokenPipe, error: "stream closed because of a broken pipe" }))) }

let pem = std::fs::read_to_string("/etc/ssl/cert.pem")?;
let ca = Certificate::from_pem(pem);
endpoint = endpoint.tls_config(ClientTlsConfig::new().ca_certificate(ca))?;

https://jessitron.com/2022/11/02/make-https-work-on-grpc-in-rust-load-a-root-certificate-into-the-tls-config/

If I downgrade to tonic v0.8 I can make successful requests to the server.

I have also tried using the feature tls-roots but this did not help.

I realise this will be difficult to replicate. Please let me know if there's any more detail I can provide.