C# 如何在gRPC和ASP Net Core 3.0中使用ssl证书?
我正在将服务配置为使用SSL证书。我读过这篇文章: 我想这是主要代码:C# 如何在gRPC和ASP Net Core 3.0中使用ssl证书?,c#,asp.net-core,grpc,C#,Asp.net Core,Grpc,我正在将服务配置为使用SSL证书。我读过这篇文章: 我想这是主要代码: var cacert = File.ReadAllText(@"ca.crt"); var servercert = File.ReadAllText(@"server.crt"); var serverkey = File.ReadAllText(@"server.key"); var keypair = new KeyCertificatePair(servercert, serverkey); var sslCred
var cacert = File.ReadAllText(@"ca.crt");
var servercert = File.ReadAllText(@"server.crt");
var serverkey = File.ReadAllText(@"server.key");
var keypair = new KeyCertificatePair(servercert, serverkey);
var sslCredentials = new SslServerCredentials(new List<KeyCertificatePair>() { keypair }, cacert, false);
var server = new Server
{
Services = { GrpcTest.BindService(new GrpcTestImpl(writeToDisk)) },
Ports = { new ServerPort("0.0.0.0", 555, sslCredentials) }
};
server.Start();
var cacert=File.ReadAllText(@“ca.crt”);
var servercert=File.ReadAllText(@“server.crt”);
var serverkey=File.ReadAllText(@“server.key”);
var keypair=newkeycertificatePair(servercert,serverkey);
var sslCredentials=新的SslServerCredentials(新列表(){keypair},cacert,false);
var server=新服务器
{
Services={GrpcTest.BindService(新的GrpcTestImpl(writeToDisk))},
端口={newserverport(“0.0.0.0”,555,sslCredentials)}
};
server.Start();
问题是,在我的情况下,我没有以这种方式启动服务,我使用的是kestrel,代码如下:
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.ConfigureKestrel(options =>
{
System.Net.IPAddress miAddress = System.Net.IPAddress.Parse("x.x.x.x");
//options.Listen(miAddress, 5001, o => o.Protocols = HttpProtocols.Http2);
options.Listen(miAddress, 5001, l =>
{
l.Protocols = HttpProtocols.Http2;
l.UseHttps();
});
});
webBuilder.UseStartup<Startup>();
});
公共静态IHostBuilder CreateHostBuilder(字符串[]args)=>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder=>
{
webBuilder.ConfigureKestrel(选项=>
{
System.Net.IPAddress miAddress=System.Net.IPAddress.Parse(“x.x.x.x”);
//options.Listen(miAddress,5001,o=>o.Protocols=HttpProtocols.Http2);
选项。听(miAddress,5001,l=>
{
l、 协议=HttpProtocols.Http2;
l、 使用https();
});
});
webBuilder.UseStartup();
});
在这种情况下,我无法访问SslCredentials,因此无法创建新的SslCredentials
如何使用kestrel配置ssl证书
谢谢。您链接的帖子是针对Grpc.Core的,Grpc dotnet实现的配置不同 此文档和示例应有助于:
(换句话说,您可以在服务器端以与任何其他HTTP/2服务器完全相同的方式配置证书-在ASP.NET Core中配置安全连接时没有特定于grpc的内容)。看起来您将证书身份验证误认为是SSL数据加密。如果您只想加密数据通道,最好使用Kestrel,如:
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(builder =>
{
builder.ConfigureKestrel(options =>
{
options.Listen(IPAddress.Loopback, 5005, configure => { configure.UseHttps(); configure.Protocols = HttpProtocols.Http2; });
});
});
对UseHttps()的调用使用ASP.NET核心的可信开发证书
如果您想自己提供一个,请使用(或其他重载):
public static ListenOptions UseHttps(this ListenOptions listenOptions, X509Certificate2 serverCertificate)