grpc
/
grpc-java
mirror of https://github.com/grpc/grpc-java.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

examples: make tls example easier to run (#5715) 

* examples: make tls example easier to run

* Make the ca cert able to be verified by the server cert in openssl
* Make the port number consistent in each example (easy to copy paste wrong one)
* use correct netty-tcnative

* address comments
This commit is contained in:
Carl Mastrangelo 2019-05-09 23:03:30 -07:00 committed by Jan Tattermusch
parent 0c17c4c995
commit af51e969da
2 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
examples/example-tls/README.md
View File

@ -42,7 +42,8 @@ You can use the following script to generate self-signed certificates for grpc-j
```bash ```bash
mkdir -p /tmp/sslcert mkdir -p /tmp/sslcert
pushd /tmp/sslcert pushd /tmp/sslcert
# Changes these CN's to match your hosts in your environment if needed. # Change these CN's to match your hosts in your environment if needed.
SERVER_CA_CN=localhost-ca
SERVER_CN=localhost SERVER_CN=localhost
CLIENT_CN=localhost # Used when doing mutual TLS CLIENT_CN=localhost # Used when doing mutual TLS
@ -50,7 +51,7 @@ echo Generate CA key:
openssl genrsa -passout pass:1111 -des3 -out ca.key 4096 openssl genrsa -passout pass:1111 -des3 -out ca.key 4096
echo Generate CA certificate: echo Generate CA certificate:
# Generates ca.crt which is the trustCertCollectionFile # Generates ca.crt which is the trustCertCollectionFile
openssl req -passin pass:1111 -new -x509 -days 365 -key ca.key -out ca.crt -subj "/CN=${SERVER_CN}" openssl req -passin pass:1111 -new -x509 -days 365 -key ca.key -out ca.crt -subj "/CN=${SERVER_CA_CN}"
echo Generate server key: echo Generate server key:
openssl genrsa -passout pass:1111 -des3 -out server.key 4096 openssl genrsa -passout pass:1111 -des3 -out server.key 4096
echo Generate server signing request: echo Generate server signing request:
@ -90,9 +91,9 @@ popd
```bash ```bash
# Run the server: # Run the server:
./build/install/example-tls/bin/hello-world-tls-server localhost 54440 /tmp/sslcert/server.crt /tmp/sslcert/server.pem /tmp/sslcert/ca.crt ./build/install/example-tls/bin/hello-world-tls-server localhost 50440 /tmp/sslcert/server.crt /tmp/sslcert/server.pem /tmp/sslcert/ca.crt
# In another terminal run the client # In another terminal run the client
./build/install/example-tls/bin/hello-world-tls-client localhost 54440 /tmp/sslcert/ca.crt /tmp/sslcert/client.crt /tmp/sslcert/client.pem ./build/install/example-tls/bin/hello-world-tls-client localhost 50440 /tmp/sslcert/ca.crt /tmp/sslcert/client.crt /tmp/sslcert/client.pem
``` ```
That's it! That's it!

2
examples/example-tls/build.gradle
View File

@ -23,7 +23,7 @@ targetCompatibility = 1.7
// Feel free to delete the comment at the next line. It is just for safely // Feel free to delete the comment at the next line. It is just for safely
// updating the version in our release process. // updating the version in our release process.
def grpcVersion = '1.22.0-SNAPSHOT' // CURRENT_GRPC_VERSION def grpcVersion = '1.22.0-SNAPSHOT' // CURRENT_GRPC_VERSION
def nettyTcNativeVersion = '2.0.20.Final' def nettyTcNativeVersion = '2.0.22.Final'
def protocVersion = '3.7.1' def protocVersion = '3.7.1'
dependencies { dependencies {