asp.ner core 5.0 Grpc双向认证【VSCode创建】
作者:互联网
关于grpc 我以前的文章 .Net Core3.0使用gRPC 和IdentityServer4 已经很向详细了, 关于http的双向认证 也已经有了, 大家可以参考 asp.net 5.0 https的双向认证(windows和ubuntu) ,今天主要试一下 在vccode 里面怎么完成全部的操作,证书还是用asp.net 5.0 https的双向认证(windows和ubuntu) 里面的, 结尾我会贴下来创建代码
Grpc Server
1.创建grpc server
创建结果如图:
2.现在我们创建grpcclient【 控制台程序】, 然后把cert文件夹拷贝到项目文件夹中,cert包含server.pfx和client.pfx证书
3. grpcserver项目需要用到server.pfx证书,grpcclient需要用到client.pfx证书 ,我习惯用相对目录,所以把证书拷贝到输出目录
用记事本修改grpcserver.csproj文件,添加
<ItemGroup> <None Update="cert\server.pfx"> <CopyToOutputDirectory>Always</CopyToOutputDirectory> </None> </ItemGroup>
同理grpcclient.csproj 也要修改
<ItemGroup> <None Update="cert\client.pfx"> <CopyToOutputDirectory>Always</CopyToOutputDirectory> </None> </ItemGroup>
4.修改grpcserver的Program.cs的CreateHostBuilder方法 需要添加引用:
using System.Security.Cryptography.X509Certificates; using Microsoft.AspNetCore.Server.Kestrel.Https; using System.Security.Authentication; //////////////////////////////////////////// public static IHostBuilder CreateHostBuilder(string[] args) => Host.CreateDefaultBuilder(args) .ConfigureWebHostDefaults(webBuilder => { webBuilder.UseStartup<Startup>(); webBuilder.ConfigureKestrel(kerstrel => { kerstrel.ConfigureHttpsDefaults(https => { var serverPath = AppDomain.CurrentDomain.BaseDirectory + "cert\\server.pfx"; var serverCertificate = new X509Certificate2(serverPath, "123456789"); https.ServerCertificate = serverCertificate; https.ClientCertificateMode = ClientCertificateMode.AllowCertificate; https.SslProtocols = SslProtocols.Tls12 | SslProtocols.Tls | SslProtocols.None | SslProtocols.Tls11; https.ClientCertificateValidation = (cer, chain, error) => { return chain.Build(cer); }; }); }); });
5 注意系统的版本, 我在win7下面 有如下错误HTTP/2 over TLS is not supported on Windows versions earlier than Windows 10 and Windows Server 2016 due to incompatible ciphers or missing ALPN support.现在修改grpcclient,将服务端的Protos/greet.proto拷贝到客户端Protos/greet.proto下,并在grpcclient.csproj项目文件中添加元素项组
<ItemGroup> <Protobuf Include="Protos\greet.proto" GrpcServices="Client" /> </ItemGroup>
添加必要的引用
dotnet add grpcclient.csproj package Grpc.Net.ClientFactory dotnet add grpcclient.csproj package Google.Protobuf dotnet add grpcclient.csproj package Grpc.Tools
客服端 代码:
static void Main(string[] args) { var handler = new HttpClientHandler() { SslProtocols = SslProtocols.Tls12, ClientCertificateOptions = ClientCertificateOption.Manual, ServerCertificateCustomValidationCallback = (message, cer, chain, errors) => { return chain.Build(cer); } }; var path = AppDomain.CurrentDomain.BaseDirectory + "cert\\client.pfx"; var crt = new X509Certificate2(path, "123456789"); handler.ClientCertificates.Add(crt); var channel = GrpcChannel.ForAddress("https://localhost:5001",new GrpcChannelOptions{HttpHandler=handler}); var client = new Greeter.GreeterClient(channel); var reply = client.SayHello( new HelloRequest { Name = "GreeterClient" }); Console.WriteLine("Greeting: " + reply.Message); }
运行结果:
标签:5.0,core,asp,SslProtocols,csproj,grpcclient,https,var,new 来源: https://www.cnblogs.com/majiang/p/14224810.html