GRPC的ACME证书

时间:2018-04-17 09:51:21

标签: go

是否可以将m.GetCertificate放入GRPC客户端/服务器?

   m := &autocert.Manager{
        Cache:      autocert.DirCache("tls"),
        Prompt:     autocert.AcceptTOS,
        HostPolicy: autocert.HostWhitelist("example.com"),
    }
    go http.ListenAndServe(":http", m.HTTPHandler(nil))
    cert, err := m.GetCertificate(...)
    if err != nil {
        t.Fatalf("Failed to generate certificates %s", err)
    }
    creds := credentials.NewServerTLSFromCert(cert)
    srv := grpc.NewServer(grpc.Creds(creds))
    reflection.Register(srv)

https://godoc.org/golang.org/x/crypto/acme/autocert

2 个答案:

答案 0 :(得分:0)

希望这会有所帮助:

文档:https://github.com/grpc/grpc-go/blob/master/Documentation/grpc-auth-support.md

示例代码:https://github.com/grpc/grpc-go/tree/master/examples/oauth

答案 1 :(得分:0)

https://github.com/golang/go/issues/24894

  

使用NewTLS而不是NewServerTLSFromCert。

https://godoc.org/google.golang.org/grpc/credentials#NewTLS

FiloSottile

的积分 
    m := &autocert.Manager{
    Cache:      autocert.DirCache("tls"),
    Prompt:     autocert.AcceptTOS,
    HostPolicy: autocert.HostWhitelist("example.com"),
}
go http.ListenAndServe(":http", m.HTTPHandler(nil))
creds := credentials.NewTLS(&tls.Config{GetCertificate: m.GetCertificate})
srv := grpc.NewServer(grpc.Creds(creds))
reflection.Register(srv)
相关问题
最新问题