Sorry for the delay here. Indeed as is in ruby, the only exposed client certificate request types are GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY and GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE.
(This is exposed through the final parameter of the ServerCredentials constructor, see https://github.com/grpc/grpc/blob/master/src/ruby/ext/grpc/rb_server_credentials.c#L129 for more details) +yangg for C++ On Thursday, May 4, 2017 at 10:25:02 AM UTC-7, [email protected] wrote: > > Hello, > > Is it possible to have a ruby grpc server request and require a client > certificate but not verify it? We have application logic that verifies the > client certificate in other ways and so don't have a CA signing all the > client certificates. > > In C++, it looks like you can > set GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY > on grpc::SslServerCredentialsOptions, but that doesn't seem to be exposed > in ruby. > > On a related note, is it possible for the client (this time C++) to not > verify the server certificate? I didn't find any obvious flags that I could > set on grpc::SslCredentialsOptions (which is used to create the > ChannelCredentials). > > Thanks > -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/grpc-io. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/3f969ffa-078a-4758-914b-d0e9541aa3a8%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
