2
我對SSL/TLS一無所知,並嘗試使用gRPC中的SSL/TLS通道,方法是按照在線說明進行操作。 這裏是服務器代碼:在gRPC客戶端服務器通信中使用SSL
std::string server_address("0.0.0.0:50051");
GreeterServiceImpl service;
grpc::SslServerCredentialsOptions::PemKeyCertPair pkcp ={"a","b"};
grpc::SslServerCredentialsOptions ssl_opts;
ssl_opts.pem_root_certs="";
ssl_opts.pem_key_cert_pairs.push_back(pkcp);
std::shared_ptr<grpc::ServerCredentials> creds;
creds = grpc::SslServerCredentials(ssl_opts);
ServerBuilder builder;
builder.AddListeningPort(server_address, creds);
builder.RegisterService(&service);
std::unique_ptr<Server> server(builder.BuildAndStart());
服務器將無法啓動,並與下面的錯誤終止。
E1115 13:00:55.657846941 17129 ssl_transport_security.c:636] Invalid cert chain file.
E1115 13:00:55.657936436 17129 security_connector.c:830] Handshaker factory creation failed with TSI_INVALID_ARGUMENT.
E1115 13:00:55.657954952 17129 server_secure_chttp2.c:344] {"created":"@1479243655.657946821","description":"Unable to create secure server with credentials of type Ssl.","file":"src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.c","file_line":242,"security_status":1}
Server listening on 0.0.0.0:50051
Segmentation fault (core dumped)
我想要做的只是使用SSL進行服務器和客戶端通信。看起來我缺少服務器中的正確證書,並且認爲客戶端需要類似的東西。由於我沒有任何SSL背景知識,如果有人能夠指點我如何創建這些證書並正確使用gRPC通信的例子,那將是非常好的。