This mostly mimicks it, but it lacks a few extensions. Left is Chrome, right is a set-up reqwest_boring::blocking::Client
.
(Grease values have been copied for simplification, their value differences don't really matter beyond being there)
Of note is that this is the JA3 fingerprint its being tested against. A more complete test would be TS1.
fn create_builder() -> SslConnectorBuilder {
let mut builder = SslConnector::builder(SslMethod::tls()).unwrap();
builder.set_grease_enabled(true);
let list = [
"TLS_AES_128_GCM_SHA256",
"TLS_AES_256_GCM_SHA384",
"TLS_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA",
];
builder.set_cipher_list(&list.join(":")).unwrap();
builder.enable_signed_cert_timestamps();
builder.set_alpn_protos(b"\x02h2\x08http/1.1").unwrap();
builder
}