Allow setting ca_cert file for connection with graph

CHANGELOG.md

@@ -1,3 +1,9 @@
+# 1.9.1
+
+## Enhancements
+
+- Allow `config :graph_conn, ca_cert: "/absolute/path/to/my_cert.crt"` to be set
+
 # 1.9.0
 
 ## Enhancements

lib/graph_conn/supervisor.ex

@@ -40,13 +40,22 @@ defmodule GraphConn.Supervisor do
   defp _conn_opts do
     insecure? = Application.get_env(:graph_conn, :insecure) == true
     proxy = Application.get_env(:graph_conn, :proxy, false)
+    ca_cert_file = Application.get_env(:graph_conn, :ca_cert)
 
     case {insecure?, proxy} do
       {true, false} ->
-        [conn_opts: [transport_opts: [verify: :verify_none]]]
+        transport_opts =
+          [verify: :verify_none]
+          |> _inject_ca_cert_file(ca_cert_file)
+
+        [conn_opts: [transport_opts: transport_opts]]
 
       {true, proxy} ->
-        [conn_opts: [transport_opts: [verify: :verify_none], proxy: _proxy_opts(proxy)]]
+        transport_opts =
+          [verify: :verify_none]
+          |> _inject_ca_cert_file(ca_cert_file)
+
+        [conn_opts: [transport_opts: transport_opts, proxy: _proxy_opts(proxy)]]
 
       {false, false} ->
         []
@@ -63,4 +72,7 @@ defmodule GraphConn.Supervisor do
 
     {:http, address, port, opts}
   end
+
+  defp _inject_ca_cert_file(opts, nil), do: opts
+  defp _inject_ca_cert_file(opts, file_path), do: [{:cacertfile, file_path} | opts]
 end

lib/graph_conn/ws.ex

@@ -246,10 +246,12 @@ defmodule GraphConn.WS do
 
   @spec _transport_opts(charlist()) :: Keyword.t()
   defp _transport_opts(host) do
+    ca_cert_file = Application.get_env(:graph_conn, :ca_cert) || :certifi.cacertfile()
+
     [
       verify: :verify_peer,
       depth: 10,
-      cacertfile: :certifi.cacertfile(),
+      cacertfile: ca_cert_file,
       server_name_indication: host,
       verify_fun: {&:ssl_verify_hostname.verify_fun/3, [check_hostname: host]},
       customize_hostname_check: [