On the client side, I do not think you will have a way to completely disable checking. The closest you can get is to use ChannelArguments::SetSslTargetNameOverride to set the proper name from the server side cert.
On Tue, Jun 6, 2017 at 3:05 PM, <[email protected]> wrote: > Sorry for the delay here. > > Indeed as is in ruby, the only exposed client certificate request types > are GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY and > GRPC_SSL_DONT_REQUEST_CLIENT_CERTIFICATE. > > (This is exposed through the final parameter of the ServerCredentials > constructor, > see https://github.com/grpc/grpc/blob/master/src/ruby/ext/grpc/ > rb_server_credentials.c#L129 for more details) > > +yangg for C++ > > > On Thursday, May 4, 2017 at 10:25:02 AM UTC-7, [email protected] wrote: >> >> Hello, >> >> Is it possible to have a ruby grpc server request and require a client >> certificate but not verify it? We have application logic that verifies the >> client certificate in other ways and so don't have a CA signing all the >> client certificates. >> >> In C++, it looks like you can set GRPC_SSL_REQUEST_AND_REQUI >> RE_CLIENT_CERTIFICATE_BUT_DONT_VERIFY on grpc::SslServerCredentialsOptions, >> but that doesn't seem to be exposed in ruby. >> >> On a related note, is it possible for the client (this time C++) to not >> verify the server certificate? I didn't find any obvious flags that I could >> set on grpc::SslCredentialsOptions (which is used to create the >> ChannelCredentials). >> >> Thanks >> > -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/grpc-io. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/CAB1HKY5r62JqFKHquP7YYFLnPMeDdHB3BOoGa1QbrofXMnx-Cg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
smime.p7s
Description: S/MIME Cryptographic Signature
