Golang TLS 握手错误 - “第一条记录看起来不像 TLS 握手”?
[英]Golang TLS handshake error - "first record does not look like a TLS handshake"?
问题描述
Client-side code
客户端代码
tlsconf := &tls.Config{InsecureSkipVerify: true}
creds := credentials.NewTLS(tlsconf)
opts = append(opts, grpc.WithTransportCredentials(creds))
conn, err := grpc.Dial(endpoint, opts...)
// handle error and other cases
The server registers the service properly.服务器正确注册服务。 The code for that is given below.下面给出了代码。
if err := s.registerServices(); err != nil {
err = errors.Wrap(err, "unable to register services")
return err
}
Here s is my s *Server (a pointer to my struct ).这里s是我s *Server (指向我的struct的指针)。
type Server struct {
s *grpc.Server
conf *config
listener net.Listener
}
But when I try to serve the request using s.Serve() , it gives me this tls handshake error:但是当我尝试使用s.Serve()服务于请求时,它给了我这个 tls 握手错误:
transport: authentication handshake failed: tls: first record does not look like a TLS handshake
1 个解决方案
解决方案1
1 2022-05-02 14:37:55
Your creds seems weird.你的信用似乎很奇怪。 I saw this error when I tried sending secured data on an unsecured connection.当我尝试在不安全的连接上发送安全数据时,我看到了这个错误。
Looking at the documentation - you're misusing the config:查看文档 - 您滥用了配置:
// InsecureSkipVerify controls whether a client verifies the server's
// certificate chain and host name. If InsecureSkipVerify is true, crypto/tls
// accepts any certificate presented by the server and any host name in that
// certificate. In this mode, TLS is susceptible to machine-in-the-middle
// attacks unless custom verification is used. This should be used only for
// testing or in combination with VerifyConnection or VerifyPeerCertificate.
Try using instead this DialOption:尝试改用此 DialOption:
grpc.WithInsecure()
So to be precise:所以准确地说:
address := ...
conn, err := grpc.Dial(address, grpc.WithInsecure())
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.