How do you use the gRPC python auth library for both client and server authentication? The docs only cover server authentication.
Are there additional flags in grpc.secure_channel() that need to be used?
Asked
Active
Viewed 5,712 times
1 Answers
8
The server side, needs to have:
server_credentials = grpc.ssl_server_credentials(
((private_key, cert_chain),), root_cert, require_client_auth=True)
server.add_secure_port('%s:%d' % (ip, port), server_credentials)
root_cert is the root CA to verify the client certificate. private_key and cert_chain will be the certificate the server uses to be verified by the client.
And the client side:
creds = grpc.ssl_channel_credentials(
certificate_chain=cert_chain, private_key=cert_key, root_certificates=root_ca)
channel = grpc.secure_channel('%s:%d' % (hostname, port), creds)
Where root_ca is the root CA to verify the server's certificate chain, and cert_chain and cert_key are used to authenticate the client.
maged
- 859
- 10
- 24