README
¶
gtls
gtls provides grpc secure connectivity by tls, supporting both one-way secure connection and mutual tls connection.
Example of use
One-way secure connection
grpc server example
import "github.com/zhufuyi/sponge/pkg/grpc/gtls"
func main() {
// one-way connection
credentials, err := gtls.GetServerTLSCredentials(
certfile.Path("/one-way/server.crt"),
certfile.Path("/one-way/server.key"),
)
// check err
server := grpc.NewServer(grpc.Creds(credentials))
}
grpc client example
import "github.com/zhufuyi/sponge/pkg/grpc/gtls"
func main() {
// one-way connection
credentials, err := gtls.GetClientTLSCredentials(
"localhost",
certfile.Path("/one-way/server.crt"),
)
// check err
conn, err := grpc.Dial("127.0.0.1:8080", grpc.WithTransportCredentials(credentials))
// check err
}
Mutual tls connection
grpc server example
import "github.com/zhufuyi/sponge/pkg/grpc/gtls"
func main() {
// two-way secure connection
credentials, err := gtls.GetServerTLSCredentialsByCA(
certfile.Path("two-way/ca.pem"),
certfile.Path("two-way/server/server.pem"),
certfile.Path("two-way/server/server.key"),
)
// check err
server := grpc.NewServer(grpc.Creds(credentials))
}
grpc client example
import "github.com/zhufuyi/sponge/pkg/grpc/gtls"
func main() {
// two-way secure connection
credentials, err := gtls.GetClientTLSCredentialsByCA(
"localhost",
certfile.Path("two-way/ca.pem"),
certfile.Path("two-way/client/client.pem"),
certfile.Path("two-way/client/client.key"),
)
// check err
conn, err := grpc.Dial("127.0.0.1:8080", grpc.WithTransportCredentials(credentials))
// check err
}
Documentation
¶
Overview ¶
Package gtls provides grpc secure connectivity, supporting both server-only authentication and client-server authentication.
Index ¶
- func GetClientTLSCredentials(serverName string, certFile string) (credentials.TransportCredentials, error)
- func GetClientTLSCredentialsByCA(serverName string, caFile string, certFile string, keyFile string) (credentials.TransportCredentials, error)
- func GetServerTLSCredentials(certFile string, keyFile string) (credentials.TransportCredentials, error)
- func GetServerTLSCredentialsByCA(caFile string, certFile string, keyFile string) (credentials.TransportCredentials, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func GetClientTLSCredentials ¶
func GetClientTLSCredentials(serverName string, certFile string) (credentials.TransportCredentials, error)
GetClientTLSCredentials TLS encryption
func GetClientTLSCredentialsByCA ¶
func GetClientTLSCredentialsByCA(serverName string, caFile string, certFile string, keyFile string) (credentials.TransportCredentials, error)
GetClientTLSCredentialsByCA two-way authentication via CA-issued root certificate
func GetServerTLSCredentials ¶
func GetServerTLSCredentials(certFile string, keyFile string) (credentials.TransportCredentials, error)
GetServerTLSCredentials server-side authentication
func GetServerTLSCredentialsByCA ¶
func GetServerTLSCredentialsByCA(caFile string, certFile string, keyFile string) (credentials.TransportCredentials, error)
GetServerTLSCredentialsByCA two-way authentication via CA-issued root certificate
Types ¶
This section is empty.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.