Certificates / SSL
33 views
Skip to first unread message
Claus Volko
May 22, 2024, 3:13:23 AM5/22/24
to grpc.io
Hello,
I have a problem related to certificates / SSL.
I've taken the files from:
In my nodejs server application I wrote:
http2
.createSecureServer(
{
key: readFileSync("localhost.key", "utf8"),
cert: readFileSync("localhost.crt", "utf8"),
allowHTTP1: true,
},
handler
)
.listen(8443, () => {
stdout.write("The server is listening on https://localhost:8443\n");
});
.createSecureServer(
{
key: readFileSync("localhost.key", "utf8"),
cert: readFileSync("localhost.crt", "utf8"),
allowHTTP1: true,
},
handler
)
.listen(8443, () => {
stdout.write("The server is listening on https://localhost:8443\n");
});
In my C++ client application I wrote:
grpc::SslCredentialsOptions ssl_options;
std::ifstream t0("root.crt");
std::stringstream buffer0;
buffer0 << t0.rdbuf();
ssl_options.pem_root_certs = buffer0.str();
std::ifstream t1("localhost.crt");
std::stringstream buffer1;
buffer1 << t1.rdbuf();
ssl_options.pem_cert_chain = buffer1.str();
std::ifstream t2("localhost.key");
std::stringstream buffer2;
buffer2 << t2.rdbuf();
ssl_options.pem_private_key = buffer2.str();
auto channel_creds = grpc::SslCredentials(grpc::SslCredentialsOptions());
OctantsClient client(
grpc::CreateCustomChannel(target_str, channel_creds, channelArgs));
std::ifstream t0("root.crt");
std::stringstream buffer0;
buffer0 << t0.rdbuf();
ssl_options.pem_root_certs = buffer0.str();
std::ifstream t1("localhost.crt");
std::stringstream buffer1;
buffer1 << t1.rdbuf();
ssl_options.pem_cert_chain = buffer1.str();
std::ifstream t2("localhost.key");
std::stringstream buffer2;
buffer2 << t2.rdbuf();
ssl_options.pem_private_key = buffer2.str();
auto channel_creds = grpc::SslCredentials(grpc::SslCredentialsOptions());
OctantsClient client(
grpc::CreateCustomChannel(target_str, channel_creds, channelArgs));
When I run my client after starting up the server I get these errors:
WARNING: All log messages before absl::InitializeLog() is called are written to STDERR
E0000 00:00:1716361898.830114 17196 ssl_transport_security.cc:1653] Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
E0000 00:00:1716361898.863037 17196 ssl_transport_security.cc:1653] Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
14: failed to connect to all addresses; last error: UNKNOWN: ipv4:127.0.0.1:8443: Ssl handshake failed: SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED
E0000 00:00:1716361898.830114 17196 ssl_transport_security.cc:1653] Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
E0000 00:00:1716361898.863037 17196 ssl_transport_security.cc:1653] Handshake failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
14: failed to connect to all addresses; last error: UNKNOWN: ipv4:127.0.0.1:8443: Ssl handshake failed: SSL_ERROR_SSL: error:1000007d:SSL routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED
What's wrong?
Claus Volko
May 22, 2024, 6:23:13 AM5/22/24
to grpc.io
OK, I found the error in the C++ code.
Reply all
Reply to author
Forward
0 new messages