wu-sheng opened a new pull request #968: Support TLS of gRPC between agent and server. URL: https://github.com/apache/incubator-skywalking/pull/968 Please answer these questions before submitting pull request - Why submit this pull request? - [ ] Bug fix - [x] New feature provided - [ ] Improve performance - Related issues #936 ___ ### New feature or improvement - Describe the details and related test reports. I am following gRPC official examples to support TLS between agent and server. You can find the example in here: - Doc: https://github.com/grpc/grpc-java/blob/master/examples/README.md - Client: https://github.com/grpc/grpc-java/blob/master/examples/src/main/java/io/grpc/examples/helloworldtls/HelloWorldClientTls.java - Server: https://github.com/grpc/grpc-java/blob/master/examples/src/main/java/io/grpc/examples/helloworldtls/HelloWorldServerTls.java I chose the **TLS (no mutual auth**. And I upload `tools/TLS/tls_key_generate.sh` to generate all necessary keys. - Client: `ca.crt` file should be placed in `/ca` folder in agent package - Server: use `application.yml` to set paths of `server.crt` and `server.pem` files e.g. ```yml agent_gRPC: gRPC: host: localhost port: 11800 # Set these two setting to open ssl ssl_cert_chain_file: $path ssl_private_key_file: $path ```
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
