automatic download of SSL certificate from GRPC server

21 views
Skip to first unread message

Sureshbabu Seshadri

unread,
May 3, 2022, 10:28:41 AMMay 3
to grpc.io
We have C++ GRPC client (at windows) and c++ GRPC server (at Linux) and like to communicate server using SSL for encrypted transfer of messages.

We have implemented the SSL server and able to communicate to it by establishing secure channel from client, however the flip side is currently we are manually deploying SSL server certificate in the client machines.

We have an alternate work around RUN another GRPC server as insecure and establish insecure connection from client to get server certificate and then communicate to actual server as secured for rest of communications.  However our consumers do not want multiple ports to be opened in the server.

Considering the above scenario, is there way to get server certificate automatically from secure server itself by establishing insecure connection initially to get certificate and then continue secure connection for the rest of the APIs.

Thanks in advance

sanjay...@google.com

unread,
May 25, 2022, 4:46:55 PMMay 25
to grpc.io
It might be easier to use curl or openssl command to get the server side cert and save it in a pem file to add to your trustStore on the client side. e.g. https://daniel.haxx.se/blog/2018/11/07/get-the-ca-cert-for-curl/
Reply all
Reply to author
Forward
0 new messages