mirror of https://github.com/grpc/grpc-go.git
3b626a7b52
|
||
|---|---|---|
| .. | ||
| client | ||
| creds | ||
| server | ||
| README.md | ||
| generate.sh | ||
| localhost-openssl.cnf | ||
| openssl-ca.cnf | ||
README.md
gRPC Advanced Security Examples
This repo contains example code for different security configurations for grpc-go using advancedtls.
The servers run a basic echo server with the following setups:
- Port 8885: A server with a good certificate using certificate providers and crl providers.
- Port 8884: A server with a revoked certificate using certificate providers and crl providers.
- Port 8883: A server running using InsecureCredentials.
The clients are designed to call these servers with varying configurations of credentials and revocation configurations.
- mTLS with certificate providers and CRLs
- mTLS with custom verification
- mTLS with credentials from credentials.NewTLS (directly using the tls.Config)
- Insecure Credentials
Building and Running
# Run the server
$ go run server/main.go -credentials_directory $(pwd)/creds
# Run the clients from the `grpc-go/examples/features/advancedtls` directory
$ go run client/main.go -credentials_directory $(pwd)/creds
Stop the servers with ctrl-c or by killing the process.
Developer Note - Generate the credentials used in the examples
The credentials used for these examples were generated by running the examples/features/advancedtls/generate.sh script.
If the credentials need to be re-generated, run ./generate.sh from /path/to/grpc-go/examples/features/advancedtls to re-create the creds directory containing the certificates and CRLs needed for these examples.