lab/grpc-gateway-example
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

comment gateway-tls gateway creds

Browse Source
This commit is contained in:
finlab 2021-01-17 22:15:20 +08:00
parent 1a36d08a46
commit c56f6c1c12
1 changed files with 20 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
cmd/gateway-tls/main.go
View File

@ -54,29 +54,29 @@ func main() {
}
}
func gwCreds() credentials.TransportCredentials {
cert, err := tls.LoadX509KeyPair("./cert/server.pem", "./cert/server.key")
if err != nil {
log.Fatal(err)
}
// func gwCreds() credentials.TransportCredentials {
// cert, err := tls.LoadX509KeyPair("./cert/server.pem", "./cert/server.key")
// if err != nil {
// log.Fatal(err)
// }
certPool := x509.NewCertPool()
ca, err := ioutil.ReadFile("./cert/ca.pem")
if err != nil {
log.Fatal(err)
}
if ok := certPool.AppendCertsFromPEM(ca); !ok {
log.Fatal("failed to append certs")
}
// certPool := x509.NewCertPool()
// ca, err := ioutil.ReadFile("./cert/ca.pem")
// if err != nil {
// log.Fatal(err)
// }
// if ok := certPool.AppendCertsFromPEM(ca); !ok {
// log.Fatal("failed to append certs")
// }
creds := credentials.NewTLS(&tls.Config{
Certificates: []tls.Certificate{cert},
ClientAuth: tls.RequireAndVerifyClientCert, // NOTE: this is optional!
ClientCAs: certPool,
})
// creds := credentials.NewTLS(&tls.Config{
// Certificates: []tls.Certificate{cert},
// ClientAuth: tls.RequireAndVerifyClientCert, // NOTE: this is optional!
// ClientCAs: certPool,
// })
return creds
}
// return creds
// }
func grpcServerClientCreds() grpc.DialOption {
cert, err := tls.LoadX509KeyPair("./cert/client.pem", "./cert/client.key")