2
我对SSL/TLS一无所知,并尝试使用gRPC中的SSL/TLS通道,方法是按照在线说明进行操作。 这里是服务器代码:在gRPC客户端服务器通信中使用SSL
std::string server_address("0.0.0.0:50051");
GreeterServiceImpl service;
grpc::SslServerCredentialsOptions::PemKeyCertPair pkcp ={"a","b"};
grpc::SslServerCredentialsOptions ssl_opts;
ssl_opts.pem_root_certs="";
ssl_opts.pem_key_cert_pairs.push_back(pkcp);
std::shared_ptr<grpc::ServerCredentials> creds;
creds = grpc::SslServerCredentials(ssl_opts);
ServerBuilder builder;
builder.AddListeningPort(server_address, creds);
builder.RegisterService(&service);
std::unique_ptr<Server> server(builder.BuildAndStart());
服务器将无法启动,并与下面的错误终止。
E1115 13:00:55.657846941 17129 ssl_transport_security.c:636] Invalid cert chain file.
E1115 13:00:55.657936436 17129 security_connector.c:830] Handshaker factory creation failed with TSI_INVALID_ARGUMENT.
E1115 13:00:55.657954952 17129 server_secure_chttp2.c:344] {"created":"@1479243655.657946821","description":"Unable to create secure server with credentials of type Ssl.","file":"src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.c","file_line":242,"security_status":1}
Server listening on 0.0.0.0:50051
Segmentation fault (core dumped)
我想要做的只是使用SSL进行服务器和客户端通信。看起来我缺少服务器中的正确证书,并且认为客户端需要类似的东西。由于我没有任何SSL背景知识,如果有人能够指点我如何创建这些证书并正确使用gRPC通信的例子,那将是非常好的。