gpt4 book ai didi

c# - c# 中 grpc 的 SSL/TSL 支持

转载 作者:行者123 更新时间:2023-11-30 22:59:09 26 4
gpt4 key购买 nike

我尝试使用 SSL/TLS 实现 gRPC,我阅读了有关如何实现 SSL/TLS 的文档,但这不起作用,我找到了一个 stackoverflow 页面 TLS support for GRPC in C#关于如何实现 TLS 支持,但这同样不起作用。

我正在使用 C#,但我有一个 Java 实现,我尝试将 C# 服务与 Java 客户端连接并且可以工作,但是当我尝试将 C# 客户端与 C# 服务器连接时,它不起作用,即使我尝试将 C# 客户端与 Java 服务器连接,但没有成功。

我使用的是 greet protos 和 Visual studio 2015

根据文档,此代码必须有效

首先我尝试将其用于客户端:

SslCredentials secureChanel = new SslCredentials(File.ReadAllText("ssl/ca.crt"));
Channel channel = new Channel("localhost", 50051, secureChanel);

然后我为此更改了代码:

var rootCert = File.ReadAllText("ssl/ca.crt");
var keyCertPair = new KeyCertificatePair(

File.ReadAllText("ssl/server.crt"),
File.ReadAllText("ssl/server.pem"));

var clientCredentials = new SslCredentials(rootCert, keyCertPair);

var options = new List<ChannelOption>
{
new ChannelOption(ChannelOptions.SslTargetNameOverride, "DESKTOP-3HLH093")
};

Channel channel = new Channel("localhost", 50051, clientCredentials, options);

有人有想法或可以帮助我知道哪里出了问题吗?或者我需要做什么才能知道如何解决?

可能是一个例子

这是我的客户端代码:

using System;
using Grpc.Core;
using System.IO;
using Greet;
using System.Collections.Generic;

namespace Nuxiba.Sever.Test.pruebaGrpcClient
{
class Program
{
static void Main(string[] args)
{
Console.WriteLine("Test Server with gRPC");

var rootCert = File.ReadAllText("ssl/ca.crt");
var keyCertPair = new KeyCertificatePair(
File.ReadAllText("ssl/server.crt"),
File.ReadAllText("ssl/server.pem"));

var clientCredentials = new SslCredentials(rootCert, keyCertPair);

var options = new List<ChannelOption>
{
new ChannelOption(ChannelOptions.SslTargetNameOverride, "DESKTOP-3HLH093")
};

Channel channel = new Channel("localhost", 50051, clientCredentials, options);

greet_test(channel);

channel.ShutdownAsync().Wait();
Console.WriteLine("Press any key to exit...");
Console.ReadKey();
}

public static void greet_test(Channel channel)
{
var greetCliente = new GreetService.GreetServiceClient(channel);

Greeting greeting = new Greeting();
greeting.FirstName = "John";
greeting.LastName = "XXXX";

Console.WriteLine(greeting);

GreetRequest callIR = new GreetRequest();
callIR.Greeting= greeting;

GreetResponse callResponse = greetCliente.Greet(callIR); //, new CallOptions().WithWaitForReady(true));
Console.WriteLine("respuesta: " + callResponse.Result);
}
}
}

这是我的服务器代码:

using System;
using Grpc.Core;
using System.IO;
using System.Collections.Generic;
using Greet;

namespace Nuxiba.Sever.Test.pruebaGrpcServer
{
class Program
{
static void Main(string[] args)
{
Console.WriteLine("Test Server with gRPC");

//ssl
List<KeyCertificatePair> certificados = new List<KeyCertificatePair>();
certificados.Add(new KeyCertificatePair(File.ReadAllText("ssl/server.crt"), File.ReadAllText("ssl/server.pem")));
ServerCredentials servCred = new SslServerCredentials(certificados);

Server server = new Server
{
//Services = { TarificadorService.BindService(new TarificadorServiceImpl()) },
Services = { GreetService.BindService(new GreetServicesImpl()) },
Ports = { new ServerPort("localhost", 50051, servCred) }
};

server.Start();

Console.WriteLine("Greeter server listening on port: 50051 ");
Console.WriteLine("Press any key to stop the server...");
Console.ReadKey();

server.ShutdownAsync().Wait();

}
}
}

这是我的实现代码:

using System.Threading.Tasks;
using Grpc.Core;

namespace Nuxiba.Sever.Test.pruebaGrpcServer
{
class TarificadorServiceImpl : TarificadorService.TarificadorServiceBase
{
public override Task<CallInfoResponse> CallInfo(CallInfoRequest request, ServerCallContext context)
{
CallingInfo ci = request.CallingInfo;
uint Cal_id = ci.Callid;

CallInfoResponse response = new CallInfoResponse();
response.RegsAmount = Cal_id;

return Task.FromResult(response);
//return Task.FromResult(new CallInfoResponse { RegsAmount = Cal_id });
}
}
}

应用程序的错误是“连接拒绝”

这是完整的日志:

D0924 14:26:24.375269 Grpc.Core.Internal.UnmanagedLibrary Attempting to load native library "X:\desarrollos\pruebaGrpc\pruebaGrpcClient\bin\Debug\grpc_csharp_ext.x86.dll"
D0924 14:26:24.554956 Grpc.Core.Internal.NativeExtension gRPC native library loaded successfully.
D0924 14:26:24.634740 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\resolver\dns\native\dns_resolver.cc:348: Using native dns resolver
{ "firstName": "Armando", "lastName": "Rodriguez" }
I0924 14:26:25.100637 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\surface\call.cc:642: OP[client-channel:05DBD400]: SEND_INITIAL_METADATA{key=3a 70 61 74 68 ':path' value=2f 67 72 65 65 74 2e 47 72 65 65 74 53 65 72 76 69 63 65 2f 47 72 65 65 74 '/greet.GreetService/Greet'} SEND_MESSAGE:flags=0x00000000:len=22 SEND_TRAILING_METADATA{} RECV_INITIAL_METADATA RECV_MESSAGE RECV_TRAILING_METADATA
D0924 14:26:25.101644 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\resolver\dns\native\dns_resolver.cc:289: Start resolving.
E0924 14:26:25.340996 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\tsi\ssl_transport_security.cc:1229: Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
D0924 14:26:25.340996 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc:129: Security handshake failed: {"created":"@1537817185.341000000","description":"Handshake failed","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc","file_line":248,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0924 14:26:25.342000 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\subchannel.cc:668: Connect failed: {"created":"@1537817185.341000000","description":"Handshake failed","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc","file_line":248,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
E0924 14:26:25.407816 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\tsi\ssl_transport_security.cc:1229: Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
D0924 14:26:25.407816 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc:129: Security handshake failed: {"created":"@1537817185.408000000","description":"Handshake failed","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc","file_line":248,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0924 14:26:25.408815 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\subchannel.cc:668: Connect failed: {"created":"@1537817185.408000000","description":"Handshake failed","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc","file_line":248,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0924 14:26:25.408815 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\subchannel.cc:492: Subchannel 013E3B50: Retry in 767 milliseconds
D0924 14:26:25.409810 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\resolver\dns\native\dns_resolver.cc:265: In cooldown from last resolution (from 307 ms ago). Will resolve again in 693 ms
D0924 14:26:25.409810 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\resolver\dns\native\dns_resolver.cc:289: Start resolving.
I0924 14:26:25.423798 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\surface\call.cc:642: OP[client-channel:05DBD400]: CANCEL:{"created":"@1537817185.424000000","description":"Failed to create subchannel","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\client_channel.cc","file_line":2636,"referenced_errors":[{"created":"@1537817185.410000000","description":"Pick Cancelled","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\lb_policy\pick_first\pick_first.cc","file_line":241,"referenced_errors":[{"created":"@1537817185.408000000","description":"Connect Failed","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\subchannel.cc","file_line":663,"grpc_status":14,"referenced_errors":[{"created":"@1537817185.408000000","description":"Handshake failed","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc","file_line":248,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}]}]}]}
I0924 14:26:25.426771 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\surface\call.cc:642: OP[client-channel:05DBD400]: CANCEL:{"created":"@1537817185.424000000","description":"Failed to create subchannel","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\client_channel.cc","file_line":2636,"referenced_errors":[{"created":"@1537817185.410000000","description":"Pick Cancelled","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\lb_policy\pick_first\pick_first.cc","file_line":241,"referenced_errors":[{"created":"@1537817185.408000000","description":"Connect Failed","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\subchannel.cc","file_line":663,"grpc_status":14,"referenced_errors":[{"created":"@1537817185.408000000","description":"Handshake failed","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc","file_line":248,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}]}]}]}
I0924 14:26:28.737748 98788968 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\subchannel.cc:452: Failed to connect to channel, retrying
E0924 14:26:29.479174 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\tsi\ssl_transport_security.cc:1229: Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
D0924 14:26:29.480172 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc:129: Security handshake failed: {"created":"@1537817189.480000000","description":"Handshake failed","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc","file_line":248,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0924 14:26:29.481170 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\subchannel.cc:668: Connect failed: {"created":"@1537817189.480000000","description":"Handshake failed","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\lib\security\transport\security_handshaker.cc","file_line":248,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0924 14:26:29.482166 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\subchannel.cc:490: Subchannel 05DC3678: Retry immediately
I0924 14:26:29.482166 0 T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\subchannel.cc:452: Failed to connect to channel, retrying

最佳答案

我找到了一个解决方案,根据注册表,问题是当客户端尝试验证证书时,我发现了这个关于类似问题的链接,它让我知道了如何解决我的问题https://groups.google.com/forum/#!topic/grpc-io/pJnoc_MHkfc

最后是客户端代码:

SslCredentials secureChanel = new SslCredentials(File.ReadAllText("ssl/server.crt"));
Channel channel = new Channel("localhost", 50051, secureChanel);

这是服务器代码:

List<KeyCertificatePair> certificados = new List<KeyCertificatePair>();
certificados.Add(new KeyCertificatePair(File.ReadAllText("ssl/server.crt"), File.ReadAllText("ssl/server.pem")));
ServerCredentials servCred = new SslServerCredentials(certificados);
//ServerCredentials servCred = new SslServerCredentials(certificados, File.ReadAllText("ssl/ca.crt"),true);

Server server = new Server
{
//Services = { TarificadorService.BindService(new TarificadorServiceImpl()) },
Services = { GreetService.BindService(new GreetServicesImpl()) },
Ports = { new ServerPort("localhost", 50051, servCred) }
};

关于c# - c# 中 grpc 的 SSL/TSL 支持,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52433029/

26 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com