From 98f887377d47cbe0879d5021b67437640fe26b2b Mon Sep 17 00:00:00 2001
From: Chong Shen Ng <chong.shen@flower.ai>
Date: Tue, 19 Nov 2024 12:30:45 +0000
Subject: [PATCH 1/2] Init

---
 src/py/flwr/common/args.py | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/py/flwr/common/args.py b/src/py/flwr/common/args.py
index efc44493def2..839655b1ce4b 100644
--- a/src/py/flwr/common/args.py
+++ b/src/py/flwr/common/args.py
@@ -73,9 +73,17 @@ def try_obtain_root_certificates(
         root_certificates = None
     else:
         # Load the certificates if provided, or load the system certificates
-        if not isfile(root_cert_path):
+        if root_cert_path is None:
+            log(
+                WARN,
+                "Both `--insecure` and `--root-certificates` were not set. "
+                "Using system certificates.",
+            )
+            root_certificates = None
+        elif not isfile(root_cert_path):
             sys.exit("Path argument `--root-certificates` does not point to a file.")
-        root_certificates = Path(root_cert_path).read_bytes()
+        else:
+            root_certificates = Path(root_cert_path).read_bytes()
         log(
             DEBUG,
             "Starting secure HTTPS channel to %s "

From 66c67db3eefc5206fdd828d83f4c799ae8b5bfa4 Mon Sep 17 00:00:00 2001
From: Chong Shen Ng <chong.shen@flower.ai>
Date: Tue, 19 Nov 2024 12:36:58 +0000
Subject: [PATCH 2/2] Add error handling if unable to get SSL channel
 credential

---
 src/py/flwr/common/grpc.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/py/flwr/common/grpc.py b/src/py/flwr/common/grpc.py
index 5a29c595119c..0c6e2fc5b082 100644
--- a/src/py/flwr/common/grpc.py
+++ b/src/py/flwr/common/grpc.py
@@ -53,7 +53,10 @@ def create_channel(
         channel = grpc.insecure_channel(server_address, options=channel_options)
         log(DEBUG, "Opened insecure gRPC connection (no certificates were passed)")
     else:
-        ssl_channel_credentials = grpc.ssl_channel_credentials(root_certificates)
+        try:
+            ssl_channel_credentials = grpc.ssl_channel_credentials(root_certificates)
+        except Exception as e:
+            raise ValueError(f"Failed to create SSL channel credentials: {e}") from e
         channel = grpc.secure_channel(
             server_address, ssl_channel_credentials, options=channel_options
         )