public void InitClientAndServer(bool clientAddKeyCertPair, SslClientCertificateRequestType clientCertRequestType, VerifyPeerCallback verifyPeerCallback = null) { rootCert = File.ReadAllText(TestCredentials.ClientCertAuthorityPath); keyCertPair = new KeyCertificatePair( File.ReadAllText(TestCredentials.ServerCertChainPath), File.ReadAllText(TestCredentials.ServerPrivateKeyPath)); var serverCredentials = new SslServerCredentials(new[] { keyCertPair }, rootCert, clientCertRequestType); var clientCredentials = new SslCredentials(rootCert, clientAddKeyCertPair ? keyCertPair : null, verifyPeerCallback); // Disable SO_REUSEPORT to prevent https://github.com/grpc/grpc/issues/10755 server = new Server(new[] { new ChannelOption(ChannelOptions.SoReuseport, 0) }) { Services = { TestService.BindService(new SslCredentialsTestServiceImpl()) }, Ports = { { Host, ServerPort.PickUnused, serverCredentials } } }; server.Start(); var options = new List <ChannelOption> { new ChannelOption(ChannelOptions.SslTargetNameOverride, TestCredentials.DefaultHostOverride) }; channel = new Channel(Host, server.Ports.Single().BoundPort, clientCredentials, options); client = new TestService.TestServiceClient(channel); }
/// <summary> /// Creates server-side SSL credentials. /// </summary> /// <param name="keyCertificatePairs">Key-certificates to use.</param> /// <param name="rootCertificates">PEM encoded client root certificates used to authenticate client.</param> /// <param name="clientCertificateRequest">Options for requesting and verifying client certificate.</param> public SslServerCredentials(IEnumerable <KeyCertificatePair> keyCertificatePairs, string rootCertificates, SslClientCertificateRequestType clientCertificateRequest) { this.keyCertificatePairs = new List <KeyCertificatePair>(keyCertificatePairs).AsReadOnly(); GrpcPreconditions.CheckArgument(this.keyCertificatePairs.Count > 0, "At least one KeyCertificatePair needs to be provided."); if (clientCertificateRequest == SslClientCertificateRequestType.RequestAndRequireAndVerify) { GrpcPreconditions.CheckNotNull(rootCertificates, "Cannot require and verify client certificate unless you provide rootCertificates."); } this.rootCertificates = rootCertificates; this.clientCertificateRequest = clientCertificateRequest; }
private static ServerCredentials GetServerCredentials(SslClientCertificateRequestType sslClientCertificateRequestType) { var rootCert = File.ReadAllText("keys/ca.crt"); var serverCert = File.ReadAllText("keys/server.crt"); var serverKey = File.ReadAllText("keys/server.key"); var credentials = new SslServerCredentials( new[] { new KeyCertificatePair(serverCert, serverKey) }, rootCert, sslClientCertificateRequestType ); return(credentials); }
public static ServerCredentialsSafeHandle CreateSslCredentials(string pemRootCerts, string[] keyCertPairCertChainArray, string[] keyCertPairPrivateKeyArray, SslClientCertificateRequestType clientCertificateRequest) { GrpcPreconditions.CheckArgument(keyCertPairCertChainArray.Length == keyCertPairPrivateKeyArray.Length); return(Native.grpcsharp_ssl_server_credentials_create(pemRootCerts, keyCertPairCertChainArray, keyCertPairPrivateKeyArray, new UIntPtr((ulong)keyCertPairCertChainArray.Length), clientCertificateRequest)); }