diff --git a/tonic/Cargo.toml b/tonic/Cargo.toml
index 6ac76ea03..ab32484e4 100644
--- a/tonic/Cargo.toml
+++ b/tonic/Cargo.toml
@@ -29,7 +29,8 @@ zstd = ["dep:zstd"]
 default = ["transport", "codegen", "prost"]
 prost = ["dep:prost"]
 tls = ["dep:rustls-pemfile", "dep:tokio-rustls", "dep:tokio", "tokio?/rt", "tokio?/macros"]
-tls-roots = ["tls", "channel", "dep:rustls-native-certs"]
+tls-roots = ["tls-native-roots"] # Deprecated. Please use `tls-native-roots` instead.
+tls-native-roots = ["tls", "channel", "dep:rustls-native-certs"]
 tls-webpki-roots = ["tls", "channel", "dep:webpki-roots"]
 router = ["dep:axum", "dep:tower", "tower?/util"]
 server = [
diff --git a/tonic/src/lib.rs b/tonic/src/lib.rs
index 616c444d1..799083cef 100644
--- a/tonic/src/lib.rs
+++ b/tonic/src/lib.rs
@@ -26,7 +26,8 @@
 //!   for [`tonic-build`]. Enabled by default.
 //! - `tls`: Enables the [`rustls`] based TLS options for the `transport` feature. Not
 //!   enabled by default.
-//! - `tls-roots`: Adds system trust roots to [`rustls`]-based gRPC clients using the
+//! - `tls-roots`: Deprecated. An alias to `tls-native-roots` feature.
+//! - `tls-native-roots`: Adds system trust roots to [`rustls`]-based gRPC clients using the
 //!   [`rustls-native-certs`] crate. Not enabled by default.
 //! - `tls-webpki-roots`: Add the standard trust roots from the [`webpki-roots`] crate to
 //!   `rustls`-based gRPC clients. Not enabled by default.
diff --git a/tonic/src/transport/channel/service/tls.rs b/tonic/src/transport/channel/service/tls.rs
index 54abcbee3..33320958c 100644
--- a/tonic/src/transport/channel/service/tls.rs
+++ b/tonic/src/transport/channel/service/tls.rs
@@ -26,13 +26,13 @@ impl TlsConnector {
         identity: Option<Identity>,
         domain: &str,
         assume_http2: bool,
-        #[cfg(feature = "tls-roots")] with_native_roots: bool,
+        #[cfg(feature = "tls-native-roots")] with_native_roots: bool,
         #[cfg(feature = "tls-webpki-roots")] with_webpki_roots: bool,
     ) -> Result<Self, crate::Error> {
         let builder = ClientConfig::builder();
         let mut roots = RootCertStore::empty();
 
-        #[cfg(feature = "tls-roots")]
+        #[cfg(feature = "tls-native-roots")]
         if with_native_roots {
             roots.add_parsable_certificates(rustls_native_certs::load_native_certs()?);
         }
diff --git a/tonic/src/transport/channel/tls.rs b/tonic/src/transport/channel/tls.rs
index 1e02b4398..8c845f0ef 100644
--- a/tonic/src/transport/channel/tls.rs
+++ b/tonic/src/transport/channel/tls.rs
@@ -12,7 +12,7 @@ pub struct ClientTlsConfig {
     certs: Vec<Certificate>,
     identity: Option<Identity>,
     assume_http2: bool,
-    #[cfg(feature = "tls-roots")]
+    #[cfg(feature = "tls-native-roots")]
     with_native_roots: bool,
     #[cfg(feature = "tls-webpki-roots")]
     with_webpki_roots: bool,
@@ -64,7 +64,7 @@ impl ClientTlsConfig {
     }
 
     /// Enables the platform's trusted certs.
-    #[cfg(feature = "tls-roots")]
+    #[cfg(feature = "tls-native-roots")]
     pub fn with_native_roots(self) -> Self {
         ClientTlsConfig {
             with_native_roots: true,
@@ -91,7 +91,7 @@ impl ClientTlsConfig {
             self.identity,
             domain,
             self.assume_http2,
-            #[cfg(feature = "tls-roots")]
+            #[cfg(feature = "tls-native-roots")]
             self.with_native_roots,
             #[cfg(feature = "tls-webpki-roots")]
             self.with_webpki_roots,