我用这个命令创建密钥:
openssl req -newkey rsa:2048 -nodes -keyout server.key -x509 -days 365 -out server.crt
我的服务器代码:
server_credentials = grpc.ssl_server_credentials(((_private_key, _certificate_chain,),))
server = grpc.server(futures.ThreadPoolExecutor(max_workers=MAX_THREADPOOL_EXECUTOR))
server.add_secure_port('[::]:{0}'.format(AGENT_PORT), server_credentials)
server.add_insecure_port('[::]:{0}'.format(AGENT_PORT))
print("AgentServicer start at port {}...".format(AGENT_PORT))
server.start()
try:
while True:
# we can do something in main thread......
time.sleep(_ONE_DAY_IN_SECONDS)
except KeyboardInterrupt:
server.stop(0)
我的客户代码:
credentials = grpc.ssl_channel_credentials(root_certificates=_certificate_chain)
channel = grpc.secure_channel('{}:{}'.format("localhost", 10010), credentials)
# channel = grpc.insecure_channel('{}:{}'.format("localhost", 10010))
stub = agent_pb2_grpc.AgentStub(channel)
response = stub.GetAgentVersion(agent_pb2.NoParams())
print("GreeterService client received: " + response.version)
我得到一个例外:
No match found for server name
我究竟做错了什么?
我怀疑您的服务器证书没有CN=localhost您尝试从客户端连接的证书.在这种情况下,您需要创建服务器证书以包含此证书Common Name,或者从您的客户端需要连接到证书中存在的名称.
| 归档时间: |
|
| 查看次数: |
1061 次 |
| 最近记录: |