我需要使用 gRPC 进行双向流,其中客户端是 .Net Framework 项目,由于遗留问题,无法升级到 .NET5+。
在阅读微软文档时,我可以看到应该使用 WinHttpHandler ( https://learn.microsoft.com/en-us/aspnet/core/grpc/netstandard?view=aspnetcore-5.0 )。
但是我在使用 SSL 进行此设置时似乎遇到了问题,有人建议如何解决此问题吗?
我收到以下错误:
"InvalidOperationException: SslCredentials with non-null arguments is not supported by GrpcChannel. GrpcChannel uses HttpClient to make gRPC calls and HttpClient automatically loads root certificates from the operating system certificate store. Client certificates should be configured on HttpClient. See https://aka.ms/aspnet/grpc/certauth for details."
我的服务器设置如下:
let cacert = File.ReadAllText(@"ca.crt");
let servercert = File.ReadAllText(@"server.crt");
let serverkey = File.ReadAllText(@"server.key");
let certificatePair = new KeyCertificatePair(servercert, serverkey);
let certList = new System.Collections.Generic.List<KeyCertificatePair>()
certList.Add(certificatePair)
let server = new Server()
server.Services.Add(EventSubscriberService.EventSubscriberServiceMethodBinder.BindService(new EventSubscriber()))
server.Ports.Add(new ServerPort("localhost", 5001,SslServerCredentials(certList,cacert,false)))
|> ignore'''
客户端使用此设置:
let cacert = File.ReadAllText(@"ca.crt");
let clientcert = File.ReadAllText(@"client.crt");
let clientkey = File.ReadAllText(@"client.key");
let ssl = new SslCredentials(cacert, new KeyCertificatePair(clientcert, clientkey))
let channelOptions = GrpcChannelOptions()
channelOptions.HttpHandler <- new WinHttpHandler()
channelOptions.Credentials <- ssl
let channel = GrpcChannel.ForAddress("http://127.0.0.1:5001",channelOptions)
它是用 F# 编写的,但与此 C# 代码类似(如果引用有助于提高可读性)。 How to enable server side SSL for gRPC?
最佳答案
可能按照以下方式(草稿)应该有效:
open System.Net.Http
open Grpc.Net.Client
open System.Security.Cryptography.X509Certificates
let clientCert = new X509Certificate() // create according to your needs
let handler = new HttpClientHandler()
handler.ClientCertificates.Add(clientCert) |> ignore
// insecure, check your custom server cert
handler.ServerCertificateCustomValidationCallback <- fun msg cert chain e -> true
let client = new HttpClient(handler)
let channelOptions = GrpcChannelOptions(HttpClient = client)
let channel = GrpcChannel.ForAddress("http://127.0.0.1:5001", channelOptions)
关于HTTP2 .Net Framework 与 gRPC 的问题,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/69825958/