-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GRPC transport encryption #273
Conversation
applicationContext.registerBean( | ||
JWTAuthGRPCTransportConfigurer.class, | ||
() -> new JWTAuthGRPCTransportConfigurer(verifier) | ||
() -> new JWTAuthGRPCTransportConfigurer(authProperties) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
seems to be handled in #274, probably shouldn't be changed in this PR to avoid conflicts
...uth/src/main/java/com/github/bsideup/liiklus/transport/grpc/config/GRPCTLSConfiguration.java
Outdated
Show resolved
Hide resolved
this one is draft, yeah |
So I've tried to get keys and certs using this manual: Also didn't try yet but it should be actually exactly the same... With absolute paths for now, just to not spend time on relative path issues.
is the only response I've got |
.forAddress("localhost", port) | ||
.directExecutor() | ||
.sslContext(GrpcSslContexts.forClient() | ||
.trustManager(ResourceUtils.getFile("/Users/lanwen/code/github.com/bsideup/liiklus/pki/issued/server.crt")) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
err?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sorry, didn't get? That's either ca, or server cert to trust
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the path to the file is hardcoded and obviously won't work on others' machines :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ah, sure, thats a very dirty draft, I didn't mean to leave it as is. I just wansn't able to achieve anything with certs.
...grpc-transport-auth/src/test/java/com/github/bsideup/liiklus/transport/grpc/GRPCTLSTest.java
Outdated
Show resolved
Hide resolved
could try to automate cert creation for the test, so that it would be easier for you to test same way as I did |
@bsideup I updated certs and paths following https://github.com/grpc/grpc-java/tree/master/testing/src/main/resources/certs so you could try to launch |
That's awesome! So what was wrong with the certs - how did you generate them finally? |
@lanwen FTR: |
related to #188