private ChannelCredentials?TryGetSecureChannelCredentials(Context context, GrpcCopyClientConfiguration?config, out string?hostName)
{
var encryptionCertificateName = Environment.GetEnvironmentVariable("__CACHE_ENCRYPTION_CERT_SUBJECT__");
var keyCertPairResult = GrpcEncryptionUtils.TryGetSecureChannelCredentials(encryptionCertificateName, out hostName);
if (keyCertPairResult.Succeeded)
{
Tracer.Debug(context, $"Found Grpc Encryption Certificate. ");
return(new SslCredentials(keyCertPairResult.Value.CertificateChain));
}
Tracer.Warning(context, $"Failed to get GRPC SSL Credentials: {keyCertPairResult}");
return(null);
}
private ServerCredentials?TryGetEncryptedCredentials(Context context, GrpcCoreServerOptions?grpcCoreServerOptions)
{
/// CODESYNC: The Environment Variable below is set by ContentAddressableStoreService in CloudBuild
string?encryptionCertificateName = Environment.GetEnvironmentVariable("__CACHE_ENCRYPTION_CERT_SUBJECT__");
var keyCertPairResult = GrpcEncryptionUtils.TryGetSecureChannelCredentials(encryptionCertificateName, out _);
if (keyCertPairResult.Succeeded)
{
Tracer.Debug(context, $"Found Grpc Encryption Certificate.");
return(new SslServerCredentials(
new List <KeyCertificatePair> {
new KeyCertificatePair(keyCertPairResult.Value.CertificateChain, keyCertPairResult.Value.PrivateKey)
},
null,
SslClientCertificateRequestType.DontRequest)); //Since this is an internal channel, client certificate is not requested or verified.
}
Tracer.Error(context, message: $"Failed to get GRPC SSL Credentials: {keyCertPairResult}");
return(null);
}
