- 生成.pem和.key文件
- server.go文件
package main
import (
"crypto/tls"
"crypto/x509"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
"io/ioutil"
"learnProto/services/proto"
"net"
)
func main(){
cert, _ := tls.LoadX509KeyPair("cert/server.pem", "cert/server.key")
certPool := x509.NewCertPool()
ca, _ := ioutil.ReadFile("cert/ca.pem")
certPool.AppendCertsFromPEM(ca)
creds := credentials.NewTLS(&tls.Config{
Certificates: []tls.Certificate{cert},
ClientAuth: tls.RequireAndVerifyClientCert,
ClientCAs: certPool,
})
rpcServer := grpc.NewServer(grpc.Creds(creds))
proto.RegisterProdServiceServer(rpcServer,new(proto.ProdService))
lis, _ := net.Listen("tcp", ":8081")
rpcServer.Serve(lis)
}
- client.go文件
package main
import (
"context"
"crypto/tls"
"crypto/x509"
"fmt"
"google.golang.org/grpc"
"google.golang.org/grpc/credentials"
"io/ioutil"
"learnProto/services/proto"
"log"
)
func main(){
cert, _ := tls.LoadX509KeyPair("cert/client.pem", "cert/client.key")
certPool := x509.NewCertPool()
ca, _ := ioutil.ReadFile("cert/ca.pem")
certPool.AppendCertsFromPEM(ca)
creds := credentials.NewTLS(&tls.Config{
Certificates: []tls.Certificate{cert},
ServerName: "localhost",
RootCAs: certPool,
})
conn, err := grpc.Dial(":8081",grpc.WithTransportCredentials(creds))
if err!=nil {
log.Fatal(err)
}
defer conn.Close()
productClient := proto.NewProdServiceClient(conn)
productRes, err := productClient.GetProdStock(context.Background(), &proto.ProdRequset{
ProdId: 66,
})
if err!=nil{
log.Fatal(err)
}
fmt.Println(productRes.ProdStock)
}