您可以帮助我获得gRPC服务器的ssl认证吗?
这是我使用 C#Core Console应用程序的方式:
const int Port = 50051;
const string host = "127.0.0.1";
var cacert = File.ReadAllText(@"Certs/ca.crt");
var servercert = File.ReadAllText(@"Certs/server.crt");
var serverkey = File.ReadAllText(@"Certs/server.key");
var keypair = new KeyCertificatePair(servercert, serverkey);
var sslCredentials = new SslServerCredentials(new List<KeyCertificatePair>() { keypair }, cacert, false);
var server = new Server()
{
// setup host, port and server credentials
Ports = { new ServerPort(host, Port, sslCredentials) },
// register the service we built earlier
Services = { Messages.BindService(new MessagesImpl()) }
};
server.Start();
我不知道如何在 ASP.NET核心gRPC服务器中提供SslServerCredentials?
通过在配置部分中添加Stattup.cs文件来启动cRPG服务器。public void ConfigureServices(IServiceCollection services)
{
services.AddGrpc();
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseRouting();
app.UseEndpoints(endpoints =>
{
// Communication with gRPC endpoints must be made through a gRPC client.
// To learn how to create a client, visit: https://go.microsoft.com/fwlink/?linkid=2086909
endpoints.MapGrpcService<ServiceBaaseClass>();
});
}
答案 0 :(得分:0)
构建主机时,应配置https。如果您使用的是grpc模板,则在Program.cs中。
示例:
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.ConfigureKestrel(options =>
{
options.ListenLocalhost(50051, listenOptions =>
{
listenOptions.Protocols = HttpProtocols.Http2;
var cert = new X509Certificate2("localhost.pfx", "test");
listenOptions.UseHttps(cert);
});
});
webBuilder.UseStartup<Startup>();
});
我以这种方式生成了一个pfx文件:
openssl req -new -x509 -newkey rsa:2048 -keyout localhost.key -out localhost.cer -days 365 -subj /CN=localhost
openssl pkcs12 -export -out localhost.pfx -inkey localhost.key -in localhost.cer