comment gateway-tls gateway creds

finlab 2021-01-17 22:15:20 +08:00
parent 1a36d08a46
commit c56f6c1c12


@ -54,29 +54,29 @@ func main() {
} }
} }
func gwCreds() credentials.TransportCredentials { // func gwCreds() credentials.TransportCredentials {
cert, err := tls.LoadX509KeyPair("./cert/server.pem", "./cert/server.key") // cert, err := tls.LoadX509KeyPair("./cert/server.pem", "./cert/server.key")
if err != nil { // if err != nil {
log.Fatal(err) // log.Fatal(err)
} // }
certPool := x509.NewCertPool() // certPool := x509.NewCertPool()
ca, err := ioutil.ReadFile("./cert/ca.pem") // ca, err := ioutil.ReadFile("./cert/ca.pem")
if err != nil { // if err != nil {
log.Fatal(err) // log.Fatal(err)
} // }
if ok := certPool.AppendCertsFromPEM(ca); !ok { // if ok := certPool.AppendCertsFromPEM(ca); !ok {
log.Fatal("failed to append certs") // log.Fatal("failed to append certs")
} // }
creds := credentials.NewTLS(&tls.Config{ // creds := credentials.NewTLS(&tls.Config{
Certificates: []tls.Certificate{cert}, // Certificates: []tls.Certificate{cert},
ClientAuth: tls.RequireAndVerifyClientCert, // NOTE: this is optional! // ClientAuth: tls.RequireAndVerifyClientCert, // NOTE: this is optional!
ClientCAs: certPool, // ClientCAs: certPool,
}) // })
return creds // return creds
} // }
func grpcServerClientCreds() grpc.DialOption { func grpcServerClientCreds() grpc.DialOption {
cert, err := tls.LoadX509KeyPair("./cert/client.pem", "./cert/client.key") cert, err := tls.LoadX509KeyPair("./cert/client.pem", "./cert/client.key")