mirror of https://github.com/grpc/grpc-go.git
29 lines
1.4 KiB
Markdown
29 lines
1.4 KiB
Markdown
# gRPC Advanced Security Examples
|
|
This repo contains example code for different security configurations for grpc-go using `advancedtls`.
|
|
|
|
The servers run a basic echo server with the following setups:
|
|
* Port 8885: A server with a good certificate using certificate providers and crl providers.
|
|
* Port 8884: A server with a revoked certificate using certificate providers and crl providers.
|
|
* Port 8883: A server running using InsecureCredentials.
|
|
|
|
The clients are designed to call these servers with varying configurations of credentials and revocation configurations.
|
|
* mTLS with certificate providers and CRLs
|
|
* mTLS with custom verification
|
|
* mTLS with credentials from credentials.NewTLS (directly using the tls.Config)
|
|
* Insecure Credentials
|
|
|
|
## Building and Running
|
|
```
|
|
# Run the server
|
|
$ go run server/main.go -credentials_directory $(pwd)/creds
|
|
# Run the clients from the `grpc-go/examples/features/advancedtls` directory
|
|
$ go run client/main.go -credentials_directory $(pwd)/creds
|
|
```
|
|
|
|
Stop the servers with ctrl-c or by killing the process.
|
|
|
|
## Developer Note - Generate the credentials used in the examples
|
|
The credentials used for these examples were generated by running the `examples/features/advancedtls/generate.sh` script.
|
|
|
|
If the credentials need to be re-generated, run `./generate.sh` from `/path/to/grpc-go/examples/features/advancedtls` to re-create the `creds` directory containing the certificates and CRLs needed for these examples.
|