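/// <summary>
/// Opens a TLS gRPC channel to <paramref name="remoteEndpoint"/> and wraps it in a <c>GrpcClient</c>.
/// Calls made through the client carry this node's public key as metadata and pass through a
/// <c>RetryInterceptor</c>.
/// </summary>
/// <param name="remoteEndpoint">The peer endpoint to connect to.</param>
/// <returns>
/// A <c>GrpcClient</c> holding the channel, the peer service client and the server certificate,
/// or <c>null</c> when no server certificate could be retrieved.
/// </returns>
/// <remarks>
/// NOTE(review): the certificate used as the only trusted root is whatever
/// <c>RetrieveServerCertificateAsync</c> returned for this same endpoint, and the TLS target name is
/// overridden with a constant. If that helper reads the certificate from the peer itself (not visible
/// here, confirm), TLS gives confidentiality on this channel but does not by itself authenticate the
/// peer; peer identity then has to be verified at a higher layer (for example against the public key
/// exchanged during the handshake).
/// </remarks>
private async Task<GrpcClient> CreateClientAsync(DnsEndPoint remoteEndpoint)
{
    var certificate = await RetrieveServerCertificateAsync(remoteEndpoint);

    if (certificate == null)
    {
        return null;
    }

    Logger.LogDebug($"Upgrading connection to TLS: {certificate}.");

    // The retrieved certificate is the trust root; the client key/certificate pair is offered to the server.
    ChannelCredentials credentials =
        new SslCredentials(TlsHelper.ObjectToPem(certificate), _clientKeyCertificatePair);

    var channelOptions = new List<ChannelOption>
    {
        new ChannelOption(ChannelOptions.MaxSendMessageLength, GrpcConstants.DefaultMaxSendMessageLength),
        new ChannelOption(ChannelOptions.MaxReceiveMessageLength, GrpcConstants.DefaultMaxReceiveMessageLength),
        // Host name checking is done against this fixed name instead of the endpoint's host.
        new ChannelOption(ChannelOptions.SslTargetNameOverride, GrpcConstants.DefaultTlsCommonName)
    };

    var channel = new Channel(remoteEndpoint.ToString(), credentials, channelOptions);

    // Await the key lookup instead of blocking on it: this method is already asynchronous, and a
    // synchronous wait here ties up the calling thread for the duration of the lookup.
    var nodePubkey = (await _accountService.GetPublicKeyAsync()).ToHex();

    var interceptedChannel = channel
        .Intercept(metadata =>
        {
            metadata.Add(GrpcConstants.PubkeyMetadataKey, nodePubkey);
            return metadata;
        })
        .Intercept(new RetryInterceptor());

    var client = new PeerService.PeerServiceClient(interceptedChannel);

    return new GrpcClient(channel, client, certificate);
}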
/// <summary>
/// Generates a new RSA key pair and a certificate for it, then stores both, PEM-encoded, in
/// <c>_clientKeyCertificatePair</c>. Both X509 names given to the certificate generator are
/// "CN=" followed by <c>GrpcConstants.DefaultTlsCommonName</c>.
/// </summary>
/// <remarks>
/// The PEM-encoded private key is held in the <c>_clientKeyCertificatePair</c> field after this call.
/// </remarks>
private void CreateClientKeyCertificatePair()
{
    var distinguishedName = $"CN={GrpcConstants.DefaultTlsCommonName}";

    var keyPair = TlsHelper.GenerateRsaKeyPair();

    // The same distinguished name is used for both name arguments.
    var certificate = TlsHelper.GenerateCertificate(
        new X509Name(distinguishedName),
        new X509Name(distinguishedName),
        keyPair.Private,
        keyPair.Public);

    var certificatePem = TlsHelper.ObjectToPem(certificate);
    var privateKeyPem = TlsHelper.ObjectToPem(keyPair.Private);

    _clientKeyCertificatePair = new KeyCertificatePair(certificatePem, privateKeyPem);
}
/// <summary>
/// Builds the server-side TLS credentials from a newly generated RSA key pair and a self-signed
/// certificate whose X509 names are both "CN=" followed by <c>GrpcConstants.DefaultTlsCommonName</c>.
/// </summary>
/// <returns>Server credentials containing that single key/certificate pair.</returns>
/// <remarks>
/// NOTE(review): the credentials are built from key/certificate pairs only, with no client root
/// certificates supplied, so a certificate presented by a connecting client is presumably not
/// validated at the TLS layer. Confirm that callers are authenticated elsewhere.
/// </remarks>
private SslServerCredentials CreateCredentials()
{
    var distinguishedName = $"CN={GrpcConstants.DefaultTlsCommonName}";

    // Fresh RSA key pair for the server, plus a self-signed certificate over it.
    var serverKeys = TlsHelper.GenerateRsaKeyPair();
    var serverCertificate = TlsHelper.GenerateCertificate(
        new X509Name(distinguishedName),
        new X509Name(distinguishedName),
        serverKeys.Private,
        serverKeys.Public);

    var certificatePem = TlsHelper.ObjectToPem(serverCertificate);
    var privateKeyPem = TlsHelper.ObjectToPem(serverKeys.Private);

    var pairs = new List<KeyCertificatePair>
    {
        new KeyCertificatePair(certificatePem, privateKeyPem)
    };

    return new SslServerCredentials(pairs);
}