![](/img/trans.png)
[英]GRPC With Ruby: How To Call Ruby Methods In App From GRPC Server?
[英]Ruby's grpc(v1.3.2) gem SSL/TLS connection issue with grpc server built entirely in golang
最近,我试图使用rubygem grpc版本1.3.2作为一个clinet并连接到一个由golang构建的grpc服务器。 我浏览了GRPC.IO的文档并将其用于我的代码中。
irb(main):017:0> GRPC::Core::Credentials.new(File.read(CA_FILE_PATH))
NameError: uninitialized constant GRPC::Core::Credentials
from (irb):17
from /usr/local/share/gems/gems/railties-4.2.1/lib/rails/commands/console.rb:110:in `start'
from /usr/local/share/gems/gems/railties-4.2.1/lib/rails/commands/console.rb:9:in `start'
from /usr/local/share/gems/gems/railties-4.2.1/lib/rails/commands/commands_tasks.rb:68:in `console'
from /usr/local/share/gems/gems/railties-4.2.1/lib/rails/commands/commands_tasks.rb:39:in `run_command!'
from /usr/local/share/gems/gems/railties-4.2.1/lib/rails/commands.rb:17:in `<top (required)>'
from bin/rails:4:in `require'
from bin/rails:4:in `<main>'
但是他们的文件特别说,
creds = GRPC::Core::Credentials.new(load_certs) # load_certs typically loads a CA roots file
stub = Helloworld::Greeter::Stub.new('myservice.example.com', creds)
然后我遇到了ChannelCredentials ,并且信用卡应该是ChannelCredentials对象或符号(例如:this_channel_is_insecure )。 因此,我也尝试了一下。
我从grpc gem的源代码本身中获取了以下函数。 在rspec测试用例中调用此函数来加载证书:
def load_certs
data_dir = "#{Rails.root}/certs"
files = ['ca.pem', 'server.key', 'server.pem']
files.map { |f| File.open(File.join(data_dir, f)).read }
end
然后我试了一下,
channel_creds = GRPC::Core::ChannelCredentials.new(load_certs)
stub = Helloworld::Greeter::Stub.new('myservice.example.com', channel_creds)
但上面的失败了
E0619 09:59:10.410575570 14208 ssl_transport_security.c:601] Could not load any root certificate.
E0619 09:59:10.410604954 14208 ssl_transport_security.c:1315] Cannot load server root certificates.
E0619 09:59:10.410622519 14208 security_connector.c:837] Handshaker factory creation failed with TSI_INVALID_ARGUMENT.
我也尝试过:
channel_creds = GRPC::Core::ChannelCredentials.new(File.read(CA_FILE_PATH))
stub = Helloworld::Greeter::Stub.new('myservice.example.com', creds)
但我得到的只是日志或rpc服务器的错误:
2017/06/16 10:52:34 transport: http2Server.HandleStreams failed to receive the preface from client: EOF
2017/06/16 10:53:35 transport: http2Server.HandleStreams failed to receive the preface from client: EOF
2017/06/16 10:53:59 transport: http2Server.HandleStreams failed to receive the preface from client: EOF
2017/06/16 10:55:06 transport: http2Server.HandleStreams failed to receive the preface from client: EOF
有没有人成功尝试过启用SSL / TLS的这个Ruby客户端Golang服务器组合?
creds应该是ChannelCredentials对象或符号
the ::this_channel_is_insecure
symbol (if the latter is passed, an insecure connection will be used). 是客户端存根构造函数的第二个参数(creds参数),应该是GRPC::Core::ChannelCredentials
对象,或者是::this_channel_is_insecure
符号(如果传递后者,将使用不安全的连接)。
我注意到使用的测试
def load_certs
data_dir = "#{Rails.root}/certs"
files = ['ca.pem', 'server.key', 'server.pem']
files.map { |f| File.open(File.join(data_dir, f)).read }
end
private key and certificate chain (that specific test I believe doesn't use the key and cert chain). 实际上可能会产生误导,因为只使用私钥和证书链构建通道凭证才有意义(我认为特定的测试不使用密钥和证书链)。
在GRPC::Core::ChannelCredentials
构造函数上:
可以使用三种形式(在https://github.com/grpc/grpc/blob/master/src/ruby/ext/grpc/rb_channel_credentials.c#L128中的构造函数代码上面有一条注释他们),但选项是:
Credentials.new()
Credentials.new(pem_root_certs)
Credentials.new(pem_root_certs, pem_private_key, pem_cert_chain)
在所有情况下,根文件,私钥和证书链参数都是pem编码的字符串。
请注意,如果未传递任何参数(使用Credentials.new()
),则将按照此标头注释中的说明找到服务器根证书(请参阅服务器根证书参数为null时的行为说明)。 to use a private key and cert chain. 只有在您希望使用私钥和证书链时才需要最后一个构造函数。
我可以确认这是有效的。
channel_creds = GRPC::Core::ChannelCredentials.new(File.read("/home/user/.lnd/tls.cert"))
stub = Lnrpc::Lightning::Stub.new("127.0.0.1:10009", channel_creds)
obj = Lnrpc::GetInfoRequest.new
pp stub.get_info(obj)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.