[grpc-web] Looking for Hello world example that uses SSL/TLS
118 views
Skip to first unread message
Rob Cecil
Feb 26, 2020, 12:09:00 PM2/26/20
to grpc.io
Hi,
In the browser context, what is the usage scenario for configuring credentials (and also, but less important atm, options)?
I have referred back to the Hello World example many times whilst building a ReactJS client to our existing gRPC investment, including the adoption of Envoy, Docker, etc. Now I'm at a juncture where I need to enable SSL/TLS in the browser.
I have followed the steps here to setup a development proxy with certs: https://www.envoyproxy.io/learn/ssl
But I am at a loss on finding any good code examples on setting up the gRPC client in JS (TS). Most, if not all, online examples you will see:
let apiClient = new APIServicePromiseClient(hostAndPort, null, null);
i.e. credentials and options are optional and nulled.
The ctor for my generated client stub:
constructor (hostname: string,
credentials?: null | { [index: string]: string; },
options?: null | { [index: string]: string; });(Presuming I have followed the steps above in the Envoyproxy documentation, I have self-signed a cert.)
Thanks for any help. I have scoured the bug list but this is where I ended up:
https://github.com/grpc/grpc-web/issues/40
https://github.com/grpc/grpc-web/issues/40
Thanks!
stanle...@google.com
Mar 9, 2020, 3:24:34 AM3/9/20
to grpc.io
If you are only talking about SSL, this is between your browser and your Envoy instance - there is, I believe, a section under "tls_context", where you can specify TLS certificates and stuff, in your Envoy config yaml file. There's nothing you need to configure your grpc-web client for that.
Now if you want to send credentials headers through the Envoy instances to your backend, then you can add those as key:value pair in the "metadata" argument per RPC method.
Rob Cecil
Mar 11, 2020, 12:27:30 PM3/11/20
to grpc.io
Thanks Stanley.
I am already sending an access token via header metadata.
I'm coming from programming against Grpc clients in c# and Objc, and the ctors in those cases I think take sslChannel type objects. I''ve got the tls_context section setup and am in the process of testing. Thanks!!
I am already sending an access token via header metadata.
I'm coming from programming against Grpc clients in c# and Objc, and the ctors in those cases I think take sslChannel type objects. I''ve got the tls_context section setup and am in the process of testing. Thanks!!
Reply all
Reply to author
Forward
0 new messages