我想知道需要在GrpcSslContext中设置什么才能让Grpc Client与服务器进行SSL身份验证?
目前,以下代码适用于从服务器到客户端的常规单向SSL身份验证.
在服务器上,
SslContext sslContext = GrpcSslContexts.forServer(new File(pathToOwnCertPemFile), new File(pathToOwnPrivateKeyPemFile)).trustManager(new File(pathToClientCertPemFile)).build();
ServerImpl server = NettyServerBuilder
.forPort(port)
.sslContext(sslContext)
.addService(MyGrpc.bindService(new MyGrpcService()))
.build().start();
在客户端,
SslContext sslContext = GrpcSslContexts.forClient().trustManager(new File(pathToServerCertPemFile)).keyManager(new File(pathToOwnCertPemFile), new File(pathToOwnPrivateKeyPemFile)).build();
ChannelImpl channel = NettyChannelBuilder.forAddress(host, port)
.negotiationType(NegotiationType.TLS)
.sslContext(sslContext).build();
blockingStub = MyGrpc.newBlockingStub(channel);
asy