Grpc .Net客户端无法使用SSL连接到服务器 [英] Grpc .Net client fails to connect to server with SSL

问题描述

无法连接到此链接中提到的greeter grpc服务-

Unable to connect to the greeter grpc service mentioned in this link - https://docs.microsoft.com/en-us/aspnet/core/tutorials/grpc/grpc-start?view=aspnetcore-3.0 from a greeter client which is written from a .net framework app using grpc.core libraries(Grpc.Core.2.24.0 and Grpc.Core.Api.2.24.0).

下面是我的客户代码.它适用于非SSL，但不适用于SSL

Below is my client code. It works with non SSL but not with SSL

具有非SSL的客户端代码(有效)

Client code with non SSL(this works)

var channel = new Channel("localhost:5000", ChannelCredentials.Insecure);
var client = new Greeter.GreeterClient(channel);
var reply = await client.SayHelloAsync(new HelloRequest { Name = "GreeterClient" });
channel.ShutdownAsync().Wait();

具有SSL的客户端代码(无法连接)

Client code with SSL(this fails to connect )

SslCredentials secureChannel = new SslCredentials();
var channel = new Channel("localhost", 5001, secureChannel);
var client = new Greeter.GreeterClient(channel);
var reply = await client.SayHelloAsync(new HelloRequest { Name = "GreeterClient" });
channel.ShutdownAsync().Wait();

我收到的SSL错误是:

The error I get with SSL is:

Grpc.Core.RpcException: 'Status(StatusCode=Unavailable, Detail="failed to connect to all addresses")'

我尝试使用在同一链接中提到的.net核心应用程序客户端(

I tried with .net core app client mentioned in the same link(https://docs.microsoft.com/en-us/aspnet/core/tutorials/grpc/grpc-start?view=aspnetcore-3.0) that works with SSL and non SSL but not by using the grp libraries directly. My client is a .Net framework client that is the reason I can't use .net libraries for connecting to grpc service. .Net grpc libraries are supported only from .net core app.

SslCredentials secureChannel = new SslCredentials();
var channel = new Channel("localhost", 5001, secureChannel);
var client = new Greeter.GreeterClient(channel);
var reply = await client.SayHelloAsync(new HelloRequest { Name = "GreeterClient" });
channel.ShutdownAsync().Wait();

预期结果-服务器的响应

Expected result - response from the server

实际结果-Grpc.Core.RpcException: 'Status(StatusCode=Unavailable, Detail="failed to connect to all addresses")'

推荐答案

我在.NET Framework c上创建了一个工作客户端，并在本地主机上的.NET Core上安装了服务器:

I made a working client on the .NET Framework c with a server on .NET Core on localhost:

static async Task Main(string[] args)
{    
    string s = GetRootCertificates();
    var channel_creds = new SslCredentials(s);
    var channel = new Channel("localhost",50051, channel_creds);
    var client = new Informer.InformerClient(channel);
    await GetPing(client);
}

public static string GetRootCertificates()
{
    StringBuilder builder = new StringBuilder();
    X509Store store = new X509Store(StoreName.Root);
    store.Open(OpenFlags.ReadOnly);
    foreach (X509Certificate2 mCert in store.Certificates)
    {
        builder.AppendLine(
            "# Issuer: " + mCert.Issuer.ToString() + "\n" +
            "# Subject: " + mCert.Subject.ToString() + "\n" +
            "# Label: " + mCert.FriendlyName.ToString() + "\n" +
            "# Serial: " + mCert.SerialNumber.ToString() + "\n" +
            "# SHA1 Fingerprint: " + mCert.GetCertHashString().ToString() + "\n" +
            ExportToPEM(mCert) + "\n");
    }
    return builder.ToString();
}

/// <summary>
/// Export a certificate to a PEM format string
/// </summary>
/// <param name="cert">The certificate to export</param>
/// <returns>A PEM encoded string</returns>
public static string ExportToPEM(X509Certificate cert)
{
    StringBuilder builder = new StringBuilder();            

    builder.AppendLine("-----BEGIN CERTIFICATE-----");
    builder.AppendLine(Convert.ToBase64String(cert.Export(X509ContentType.Cert), Base64FormattingOptions.InsertLineBreaks));
    builder.AppendLine("-----END CERTIFICATE-----");

    return builder.ToString();
}

private static async Task GetPing(Informer.InformerClient client)
{
    Console.WriteLine("Getting ping...");
    try
    {
        Metadata headers = null;
        var response = await client.GetServerPingAsync(new Empty(), headers);
        string result = "Nan";
        if (response.PingResponse_ == 1)
            result = "Ok!";
        Console.WriteLine($"Ping say: {result }");
    }
    catch (Exception ex)
    {
        Console.WriteLine("Error get server ping." + Environment.NewLine + ex.ToString());
    }
}

但是我尚未在远程计算机上成功完成此工作(例如，其中ip 192.168.1.7是服务器地址，而客户端地址是192.168.1.2)

But I have not yet succeeded in making this work on remote machines (for example, where ip 192.168.1.7 is the server address and the client address is 192.168.1.2)

这篇关于Grpc .Net客户端无法使用SSL连接到服务器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！