Getting SIGABRT when starting service with TLS

[Tim]

Hi, I'm getting a SIGABRT when starting a gRPC service using TLS.

std::shared_ptr<grpc::experimental::FileWatcherCertificateProvider> cert_provider(new grpc::experimental::FileWatcherCertificateProvider(server_key_path, server_cert_path, ca_cert_path, 10));

grpc::experimental::TlsServerCredentialsOptions tlsOpts(cert_provider); 

tlsOpts.set_cert_request_type(grpc_ssl_client_certificate_request_type::GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY); 

std::shared_ptr<grpc::ServerCredentials> tlsCreds = grpc::experimental::TlsServerCredentials(tlsOpts);

builder.AddListeningPort(uri, tlsCreds);

builder.BuildAndStart();

Is there some other precondition I'm missing?

[apo...@google.com]

Are there any logs leading up to this? If the the SIGABRT is coming from gRPC, I'd expect to see a log of the source code line that triggered the abort.

If the issue is still not obvious, a runnable repro might help.

[Tim]

Not really. gRPC logs are enabled through an env var, and even then, you need to enable specific components.

Anyway, I found the fix was I needed to call 

tlsOpts.watch_root_certs();

tlsOpts.watch_identity_key_cert_pairs();

If these need to be called, I don't see why I should have to call them instead of the constructor calling them, but that resolves it.