determine client identity in mTLS gRPC server

Asked Jul 18 '21 at 01:08

Active Jul 18 '21 at 01:08

Viewed 35 times

I am writing a mTLS gRPC server in Golang. Peers can be uniquely identified via Common Name of their certificate. My question is how can I access the client certificate, client certificate subject or client certificate common name in the implementation of gRPC message interface?

Here is more context:

Let's assume that there is only one service NameService and one method called Add. So my .proto file will contain the following (using proto3 syntax):

service NameService {
    rpc Add(Name) returns (Empty) {}
}

message Name {
    string name = 1;
}

message Empty {
}

Then I'll have to implement the following interface in go:

type NameServiceServer interface {
    Add(context.Context, *Name) (*Empty, error)
}

In the implementation of the method Add, I'd like to read the peer certificate. How can I do so?

P.S. I am just getting started with Golang so apologies if there is an obvious answer that I have missed. Thanks in advance!

asked Jul 18 '21 at 01:08

milaniez

1,051
1
9
21

1

Does [this answer](https://stackoverflow.com/a/47307385/11810946) help? (just change `.Subject` to `.Subject.CommonName`). – Brits Jul 18 '21 at 01:31
Yes it does. Thank you, @Brits! – milaniez Jul 18 '21 at 01:54

determine client identity in mTLS gRPC server

0 Answers0