一、下载openssl
https://oomake.com/download/openssl 这个链接基本有各个平台(我这里是window 直接下载exe安装文件就可以)
下载完成后 找到安装目录培训一下环境变量 就可以在任何地方使用了
二、生成证书
openssl genrsa -out server.key 2048 openssl req -new -x509 -sha256 -key server.key -out server.crt -days 36500 -subj /C=CN/ST=CQ/L=fanxp/O=cq/OU=bx/CN=go-grpc-test/emailAddress=myname@gmail.com
会生成 server.key server.crt两个文件 go-grpc-test 为servername 测试的时候必须要
三、配置证书
go server
func main(){
lis, err := net.Listen("tcp", PORT)
if err != nil {
log.Fatalf("failed to listen: %v", err)
}
// TLS认证
creds, err := credentials.NewServerTLSFromFile("conf/server.crt", "conf/server.key")
if err != nil {
grpclog.Fatalf("Failed to generate credentials %v", err)
}
s := grpc.NewServer(grpc.Creds(creds))
pb.RegisterGreeterServer(s, &server{})
log.Println("rpc服务已经开启")
s.Serve(lis)
}
这里只展示主要代码(代码基于上一篇博文,可以自行下载测试)
go client
func main() {
creds, err := credentials.NewClientTLSFromFile("conf/server.crt", "go-grpc-test")
if err != nil {
panic(fmt.Errorf("could not load tls cert: %s", err))
}
conn, err := grpc.Dial(address, grpc.WithTransportCredentials(creds))
if err != nil {
log.Fatalf("did not connect: %v", err)
}
defer conn.Close()
c := pb.NewGreeterClient(conn)
name := "lin"
if len(os.Args) > 1 {
name = os.Args[1]
}
r, err := c.SayHello(context.Background(), &pb.HelloRequest{Name: name})
if err != nil {
log.Fatalf("could not greet: %v", err)
}
log.Println(r.Message)
}
c# client
static void Main(string[] args)
{
var cacert = File.ReadAllText("conf/server.crt");
var ssl = new SslCredentials(cacert);
var channOptions = new List<ChannelOption>
{
new ChannelOption(ChannelOptions.SslTargetNameOverride,"go-grpc-test")
};
Channel channel = new Channel("127.0.0.1:50001", ssl,channOptions);
var client = new Greeter.GreeterClient(channel);
var reply = client.SayHello(new HelloRequest{ Name = "lin" });
Console.WriteLine("来自" + reply.Message);
channel.ShutdownAsync().Wait();
Console.WriteLine("任意键退出...");
Console.ReadKey();
}