1
보안 helloworld 프로그램을 실행하여 GRPC 코드의 TLS 지원을 확인하려고합니다. 이 오류가 발생합니다.TLS 지원 grpc의 오류
E1228 23:15:44.054232298 10843 ssl_transport_security.cc:621] Invalid cert chain file.
E1228 23:15:44.054286682 10843 security_connector.cc:1108] Handshaker factory creation failed with TSI_INVALID_ARGUMENT.
E1228 23:15:44.054304555 10843 server_secure_chttp2.cc:83] {"created":"@1514520944.054294700","description":"Unable to create secure server with credentials of type Ssl.","file":"src/core/ext/transport/chttp2/server/secure/server_secure_chttp2.cc","file_line":62,"security_status":1}
Server listening on localhost:50051
Segmentation fault (core dumped)
내 서버 코드는 다음과 같습니다.
std::string server_address ("localhost:50051");
std::string key;
std::string cert;
std::string root;
read ("server.crt", cert);
read ("server.key", key);
read ("ca.crt", root);
ServerBuilder builder;
grpc::SslServerCredentialsOptions::PemKeyCertPair keycert =
{
key,
cert
};
grpc::SslServerCredentialsOptions sslOps;
sslOps.pem_root_certs = root;
sslOps.pem_key_cert_pairs.push_back (keycert);
builder.AddListeningPort(server_address, grpc::SslServerCredentials(sslOps));
GreeterServiceImpl service;
builder.RegisterService(&service);
std::unique_ptr <Server> server (builder.BuildAndStart());
std::cout << "Server listening on " << server_address << std::endl;
server->Wait();
나는 서버를 실행하려고하고 있습니다. 아직 화면에는 CLient가 없습니다. 다음은 키를 생성하는 데 사용한 스크립트입니다.
# Generate valid CA
openssl genrsa -passout pass:1234 -des3 -out ca.key 4096
openssl req -passin pass:1234 -new -x509 -days 365 -key ca.key -out ca.crt -subj "/C=CA/ST=Ontario/L=Ontario/O=Test/OU=Test/CN=Root CA"
# Generate valid Server Key/Cert
openssl genrsa -passout pass:1234 -des3 -out server.key 4096
openssl req -passin pass:1234 -new -key server.key -out server.csr -subj "/C=CA/ST=Ontario/L=Ontario/O=Test/OU=Server/CN=localhost"
openssl x509 -req -passin pass:1234 -days 365 -in server.csr -CA ca.crt -
CAkey ca.key -set_serial 01 -out server.crt
# Remove passphrase from the Server Key
openssl rsa -passin pass:1234 -in server.key -out server.key
# Generate valid Client Key/Cert
openssl genrsa -passout pass:1234 -des3 -out client.key 4096
openssl req -passin pass:1234 -new -key client.key -out client.csr -subj "/C=CA/ST=Ontario/L=Ontario/O=Test/OU=Client/CN=localhost"
openssl x509 -passin pass:1234 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt
# Remove passphrase from Client Key
openssl rsa -passin pass:1234 -in client.key -out client.key
모든 도움을 주시면 감사하겠습니다. 감사합니다
첫 번째 기여에 감사 드리며 코드 참조를 제공해 주셔서 감사합니다. 대답에 가장 관련성 높은 코드를 제공하여 답변을 향상시킬 수 있습니다. –