forked from hswaw/hscloud
Add clientside code for gRPC
This commit is contained in:
parent
52478b5627
commit
624295da66
1 changed files with 22 additions and 0 deletions
22
grpc.go
22
grpc.go
|
@ -192,3 +192,25 @@ func WithServerHSPKI() []grpc.ServerOption {
|
||||||
|
|
||||||
return []grpc.ServerOption{creds, interceptor}
|
return []grpc.ServerOption{creds, interceptor}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func WithClientHSPKI() grpc.DialOption {
|
||||||
|
certPool := x509.NewCertPool()
|
||||||
|
ca, err := ioutil.ReadFile(flagCAPath)
|
||||||
|
if err != nil {
|
||||||
|
glog.Exitf("WithClientHSPKI: cannot load CA certificate: %v", err)
|
||||||
|
}
|
||||||
|
if ok := certPool.AppendCertsFromPEM(ca); !ok {
|
||||||
|
glog.Exitf("WithClientHSPKI: cannot use CA certificate: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
clientCert, err := tls.LoadX509KeyPair(flagCertificatePath, flagKeyPath)
|
||||||
|
if err != nil {
|
||||||
|
glog.Exitf("WithClientHSPKI: cannot load service certificate/key: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
creds := credentials.NewTLS(&tls.Config{
|
||||||
|
Certificates: []tls.Certificate{clientCert},
|
||||||
|
RootCAs: certPool,
|
||||||
|
})
|
||||||
|
return grpc.WithTransportCredentials(creds)
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue