I have a Golang GRPC running on computer A.
(Just for reference)
func main() {
//GRPC server setup.
certFile := "ssl/server.crt"
keyFile := "ssl/server.pem"
creds, err := credentials.NewServerTLSFromFile(certFile, keyFile)
opts := grpc.Creds(creds)
go func() {
listen, err := net.Listen("tcp", ":50051")
s := grpc.NewServer(opts)
if err := s.Serve(listen); err != nil
}()
I have a Python client on computer B.
with open("ssl/server.crt", "rb") as fp:
root_cert = fp.read()
creds = grpc.ssl_channel_credentials(
root_certificates=root_cert,
)
channel = grpc.secure_channel("192.168.1.86:50051", creds)
I can connect insecurely. No issues there.
But while using SSL it is failing. (I lack knowledge on how SSL works).
Error: <_InactiveRpcError of RPC that terminated with:
status = StatusCode.UNAVAILABLE
details = "failed to connect to all addresses"
debug_error_string = "{"created":"@1635930204.264242615","description":"Failed to pick subchannel","file":"src/core/ext/filters/client_channel/client_channel.cc","file_line":3008,"referenced_errors":[{"created":"@1635930204.264231254","description":"failed to connect to all addresses","file":"src/core/ext/filters/client_channel/lb_policy/pick_first/pick_first.cc","file_line":397,"grpc_status":14}]}"
This is the file (instructions.sh) I use to generate SSL certificates.
#!/bin/bash
SERVER_CN=localhost
openssl genrsa -passout pass:1111 -des3 -out ca.key 4096
openssl req -passin pass:1111 -new -x509 -days 3650 -key ca.key -out ca.crt -subj "/CN=${SERVER_CN}"
openssl genrsa -passout pass:1111 -des3 -out server.key 4096
openssl req -passin pass:1111 -new -key server.key -out server.csr -subj "/CN=${SERVER_CN}"
openssl x509 -req -passin pass:1111 -days 3650 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
openssl pkcs8 -topk8 -nocrypt -passin pass:1111 -in server.key -out server.pem
Also it would've been a huge help if some could point out if i'm using the certificate files appropriately.
Thank you.