2

I have a grpc based client-server app on .NET Framework(no .NET Core libraries used) .I want to secure the connection using SSL encryption.I know it can be done by using SslServerCredentials on the server side and SslCredentials on the client side passed onto the channel which require a key-value pair along with other parameters.

Server side might look like this

SslServerCredentials creds = new SslServerCredentials(new List<KeyCertificatePair>() {keypair},rootCertificate,true);
Server server = new Server
{
    Services = { GrpcTest.BindService(new GrpcTestImpl()) },
    Ports = { new ServerPort("127.0.0.1", Port, creds) }
};

Client Side:-

var ssl = new SslCredentials(rootCertificate, new KeyCertificatePair(clientcert, clientkey));
channel = new Channel("localhost", 555, ssl);
client = new GrpcTest.GrpcTestClient(channel);

Can I use this with X.509 certificates? I don't know how to integrate both of them?

RISHI CHORDIA
  • 27
  • 4
  • Yes, you can definitely use this with X.509 certificates. I don't know in which format your keys/certs come (pfx, pem, key, ...), but note that you can use freely available conversion tools (e.g. the openssl cmdline tool) to convert between the formats, so that you obtain get the pem/key files that are consumed by Grpc.Core. Example command for converting from pfx to pem/key is here: https://github.com/grpc/grpc-dotnet/tree/master/testassets/Certs/InteropTests (I think in your case you might need the opposite direction of conversion, but the idea is the same). – Jan Tattermusch Aug 23 '21 at 09:43
  • @RISHI CHORDIA Did you get the answer of your question? – Sandy Jan 27 '22 at 08:52

0 Answers0