如何使用HTTPS和我自己的证书将Grpc(netstandard 2.0)与Grpc.Asp.NetCore服务器(.NET 5.0)连接? [英] How to connect Grpc (netstandard 2.0) with Grpc.Asp.NetCore server (.NET 5.0) using HTTPS and my own certificate?
问题描述
我在客户端遇到此异常:
I get this exception on the client:
Grpc.Core.RpcException:状态(StatusCode =不可用",Detail =无法连接到所有地址"),DebugException ="Grpc.Core.Internal.CoreErrorDetailException:{创建":"; @ 1606620349.107000000",描述":无法选择子频道",文件":"T:\ src \ github \ grpc \ workspace_csharp_ext_windows_x86 \ src \ core \ ext \ filters \ client_channel \ client_channel.cc";,"file_line":4166,"referenced_errors":[{"created":"@ 1606620349.107000000","description":无法连接到所有地址","file":"T:\ src \ github \ grpc \ workspace_csharp_ext_windows_x86 \ src \ core \ ext \ filters \ client_channel \ lb_policy \ pick_first \ pick_first.cc","file_line":398,"grpc_status":14}]}")
Grpc.Core.RpcException: 'Status(StatusCode="Unavailable", Detail="failed to connect to all addresses", DebugException="Grpc.Core.Internal.CoreErrorDetailException: {"created":"@1606620349.107000000","description":"Failed to pick subchannel","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\client_channel.cc","file_line":4166,"referenced_errors":[{"created":"@1606620349.107000000","description":"failed to connect to all addresses","file":"T:\src\github\grpc\workspace_csharp_ext_windows_x86\src\core\ext\filters\client_channel\lb_policy\pick_first\pick_first.cc","file_line":398,"grpc_status":14}]}")'
客户渠道:
private Channel GetChannel()
{
return new Channel(
_settings.FileServiceUri
, CertificatePEM == null ? ChannelCredentials.Insecure :
new SslCredentials(
CertificatePEM
, new KeyCertificatePair(CertificatePEM, File.ReadAllText("Syrilium.FileUpdater.cer.key"))
)
, new[] {
new ChannelOption(ChannelOptions.MaxReceiveMessageLength,int.MaxValue),
new ChannelOption(ChannelOptions.MaxSendMessageLength,int.MaxValue),
}
);
}
服务器配置:
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.UseServiceProviderFactory(new AutofacServiceProviderFactory())
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.ConfigureKestrel(kestrelOptions =>
{
var sslCertificate = LoadSSLCertificate();
kestrelOptions.ListenAnyIP(/*IPAddress.Parse("127.0.0.1"),*/ 5001
, listenOptions =>
{
listenOptions.UseHttps(
sslCertificate,
httpsOptions =>
{
//httpsOptions.SslProtocols = SslProtocols.Tls12;
httpsOptions.ClientCertificateMode = ClientCertificateMode.AllowCertificate;
httpsOptions.ClientCertificateValidation = (certificate, chain, errors) =>
{
return true /*certificate.Thumbprint.Equals(_clientThumbprint, StringComparison.OrdinalIgnoreCase)*/;
};
}
);
listenOptions.Protocols = HttpProtocols.Http2;
}
);
});
webBuilder.UseStartup<Startup>();
});
当我刚删除时
listenOptions.UseHttps...
在服务器上并使用
ChannelCredentials.Insecure
在客户端上有效.
如何使这两个与HTTPS和我自己的证书通信?这是在最新版本的库中工作的客户端和服务器的简单示例.
How to make those two communicate with HTTPS and my own certificate? Just a simple example of both client and server that work on these newest versions of libraries.
我打来电话
httpsOptions.OnAuthenticate = (ctx, auth) => { };
在服务中,但我不知道该怎么办,如果有什么我可以使用的呢?握手失败.
on service but I don't know what, if anything useful I can do with it? It fails on a handshake.
推荐答案
在评论包含解决方案的阅读者之后,我在此处编写解决方案...
I write the solution here after the comments contained the solution as who reads the comments...
问题在于.net 5.0客户端速度更快,并且由于服务器尚未准备好接受连接,因此客户端无法连接.在开发Client和Server时,最好使用共享项目有2个解决方案,因此您可以使用Visual Studio的2个实例同时调试两者.您可以使用VS的多个实例打开相同的解决方案,但是您将开始遇到不同的问题,例如在中间窗口和输出窗口中.
The issue is that .net 5.0 client is faster and the client can't connect as the server is not ready to accept connections. When developing Client and Server best to have 2 solutions with the shared projects so you can debug both at the same time using 2 instances of visual studio. YOu can open the same solution with several instances of VS however you will start running into different issues for example in the intermediate window and output window.
这篇关于如何使用HTTPS和我自己的证书将Grpc(netstandard 2.0)与Grpc.Asp.NetCore服务器(.NET 5.0)连接?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
