  • 使用自签CA,Server,client证书和双向认证

    服务端代码

    package main
    
    import (
        "crypto/tls"
        "crypto/x509"
        "io/ioutil"
        "log"
        "net"

        "google.golang.org/grpc"
        "google.golang.org/grpc/credentials"
        "grpcpro/services"
    )
    
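    // main starts a gRPC server on :8081 that enforces mutual TLS: it presents
    // cert/server.pem to clients and accepts only clients whose certificate
    // verifies against the CA in cert/ca.pem.
    //
    // Every setup step is checked so that a missing or malformed key, certificate
    // or CA file stops the process at startup with a clear message, instead of
    // surfacing later as unexplained handshake failures or a nil listener.
    func main() {
        // Server certificate and private key presented during the handshake.
        cert, err := tls.LoadX509KeyPair("cert/server.pem", "cert/server.key")
        if err != nil {
            log.Fatalf("loading server key pair: %v", err)
        }

        // CA certificate(s) that client certificates must chain to.
        ca, err := ioutil.ReadFile("cert/ca.pem")
        if err != nil {
            log.Fatalf("reading CA bundle: %v", err)
        }
        certPool := x509.NewCertPool()
        // AppendCertsFromPEM reports false when no certificate was parsed; an
        // empty ClientCAs pool cannot verify any client certificate.
        if !certPool.AppendCertsFromPEM(ca) {
            log.Fatal("cert/ca.pem contains no usable PEM certificate")
        }

        creds := credentials.NewTLS(&tls.Config{
            Certificates: []tls.Certificate{cert}, // server certificate
            // Clients must present a certificate and it must verify against ClientCAs.
            ClientAuth: tls.RequireAndVerifyClientCert,
            ClientCAs:  certPool,
            // Pin the protocol floor explicitly rather than relying on the
            // toolchain default.
            MinVersion: tls.VersionTLS12,
        })

        rpcServer := grpc.NewServer(grpc.Creds(creds))
        services.RegisterProdServiceServer(rpcServer, new(services.ProdService))

        lis, err := net.Listen("tcp", ":8081")
        if err != nil {
            log.Fatalf("listening on :8081: %v", err)
        }
        if err := rpcServer.Serve(lis); err != nil {
            log.Fatalf("serving gRPC: %v", err)
        }

        // The commented-out code below serves gRPC through net/http instead.
        // NOTE(review): as written, this http.Server sets no TLSConfig, so it would
        // not request or verify client certificates; a tls.Config with ClientAuth
        // and ClientCAs has to be supplied to keep mutual authentication. It also
        // reads keys/server.crt and keys/server.key rather than the cert/ files
        // used above.
        //mux:=http.NewServeMux()
        //mux.HandleFunc("/", func(writer http.ResponseWriter, request *http.Request) {
        //     rpcServer.ServeHTTP(writer,request)
        //})
        //httpServer:=&http.Server{
        //    Addr:":8081",
        //    Handler:mux,
        //}
        //httpServer.ListenAndServeTLS("keys/server.crt","keys/server.key")

    }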
    

    客户端代码

    package main
    
    import (
        "context"
        "crypto/tls"
        "crypto/x509"
        "fmt"
        "google.golang.org/grpc"
        "google.golang.org/grpc/credentials"
        "grpccli/services"
        "io/ioutil"
        "log"
    )
    
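    // main connects to the gRPC server on :8081 over mutual TLS, calls
    // GetProdStock for product 12 and prints the returned stock.
    //
    // The client presents cert/client.pem and verifies the server certificate
    // against cert/ca.pem under the name "localhost". Each certificate-loading
    // step is checked so that a missing or malformed file is reported at startup
    // rather than as a later handshake failure.
    func main() {
        // Alternative kept from the original: one-way TLS, where only the server is
        // authenticated and the client presents no certificate.
        //creds, err := credentials.NewClientTLSFromFile("keys/server.crt", "localhost")
        //if err != nil {
        //    log.Fatal(err)
        //}

        // Client certificate and private key presented to the server.
        cert, err := tls.LoadX509KeyPair("cert/client.pem", "cert/client.key")
        if err != nil {
            log.Fatalf("loading client key pair: %v", err)
        }

        // CA certificate(s) the server certificate must chain to.
        ca, err := ioutil.ReadFile("cert/ca.pem")
        if err != nil {
            log.Fatalf("reading CA bundle: %v", err)
        }
        certPool := x509.NewCertPool()
        // AppendCertsFromPEM reports false when no certificate was parsed; an
        // empty RootCAs pool cannot verify any server certificate.
        if !certPool.AppendCertsFromPEM(ca) {
            log.Fatal("cert/ca.pem contains no usable PEM certificate")
        }

        creds := credentials.NewTLS(&tls.Config{
            Certificates: []tls.Certificate{cert}, // client certificate
            // Name checked against the server certificate; it must appear in that
            // certificate for verification to succeed.
            ServerName: "localhost",
            RootCAs:    certPool,
            // Pin the protocol floor explicitly rather than relying on the
            // toolchain default.
            MinVersion: tls.VersionTLS12,
        })

        conn, err := grpc.Dial(":8081", grpc.WithTransportCredentials(creds))
        if err != nil {
            log.Fatal(err)
        }
        defer conn.Close()

        prodClient := services.NewProdServiceClient(conn)
        prodRes, err := prodClient.GetProdStock(context.Background(),
            &services.ProdRequest{ProdId: 12})
        if err != nil {
            log.Fatal(err)
        }
        fmt.Println(prodRes.ProdStock)
    }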
    






  • 原文地址:https://www.cnblogs.com/hualou/p/12070306.html