You can use NettyChannelBuilder overrideAuthority to match the server identity which is not recommended for security reasons
On Monday, February 25, 2019 at 6:12:42 AM UTC-8, [email protected] wrote: > > Hi, > > I am a newbie with certificates. I have a simple Grpc Server and client > and would like to use ssl. The way I did it is the following: > > Generate keys with the following command > openssl req -newkey rsa:2048 -nodes -keyout server.key -x509 -days 365 > -out server.crt > > On the server: > std::shared_ptr<grpc::ServerCredentials> creds; > std::string serverKey = readCert("/home/pi/updater/server.key"); > std::string serverCrt = readCert("/home/pi/updater/server.crt"); > grpc::SslServerCredentialsOptions ssl_opts; > grpc::SslServerCredentialsOptions::PemKeyCertPair p = > {serverKey,serverCrt}; > ssl_opts.pem_key_cert_pairs.push_back(p); > ssl_opts.pem_root_certs=""; > auto channel_creds = grpc::SslServerCredentials(ssl_opts); > ServerBuilder builder; > // Listen on the given address without any authentication mechanism. > builder.AddListeningPort(server_address, channel_creds); > > On the client: > std::string serverCrt = readCert("/home/pi/sslkeys/server.crt"); > grpc::SslCredentialsOptions ssl_opts; > ssl_opts.pem_root_certs=serverCrt; > auto ssl_creds = grpc::SslCredentials(ssl_opts); > const std::string ipaddr = "10.10.12.21"; > UpdateServiceClient updater(grpc::CreateChannel( > ipaddr+":"+port, ssl_creds)); > > When I try to connect, I get the following error on the server: > E0225 13:48:31.569300942 18727 ssl_transport_security.cc:1566] No match > found for server name: 10.10.12.21. > > How can I solve this? > Thanks for your help, > -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/grpc-io. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/2a268187-6481-4111-b13e-e8d328a672e2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
