TLS is on by default for OkHttp channels. See our android-interop-test app <https://github.com/grpc/grpc-java/blob/master/android-interop-testing/app/src/main/java/io/grpc/android/integrationtest/TesterOkHttpChannelBuilder.java> for an example of how to create a secure connection using a test certificate, or just remove the call to ManagedChannel.usePlaintext(true) from this line <https://github.com/grpc/grpc-java/blob/ca7685ef50a0970662a55e3ad84b7cba73c2f2d0/examples/android/helloworld/app/src/main/java/io/grpc/helloworldexample/HelloworldActivity.java#L86> in our Android Hello World app to have it use TLS when connecting.
Eric On Aug 16, 2017 3:18 AM, <[email protected]> wrote: > Since Netty can't be used in Android, how it should be done in an Android > Client? I couldn't find any useful example. > > On Thursday, January 14, 2016 at 1:43:32 PM UTC+5:30, Young You wrote: >> >> It works! Thank you very much! >> >> 在 2016年1月14日星期四 UTC+8上午3:44:41,Eric Anderson写道: >>> >>> Yep, you need to use GrpcSslContexts >>> <http://www.grpc.io/grpc-java/javadoc/io/grpc/netty/GrpcSslContexts.html> >>> : >>> GrpcSslContexts.forClient().trustManager(...).build(); >>> GrpcSslContexts.forServer(new File...).build(); >>> >>> Alternatively, you could use GrpcSslContexts.configure(...), but I'd >>> suggest the easier forms above. >>> >>> On Wed, Jan 13, 2016 at 1:35 AM, Young You <[email protected]> wrote: >>> >>>> // Server >>>> >>>> SslContext sslContext = SslContextBuilder.forServer( >>>> new File("/Users/u/Desktop/api.grpc/src/main/resources/server.crt"), >>>> new >>>> File("/Users/u/Desktop/api.grpc/src/main/resources/private_key_pkcs8.pem")) >>>> .build(); >>>> >>>> server = NettyServerBuilder.forPort(port).sslContext(sslContext) >>>> .addService(GreeterGrpc.bindService(new GreeterImpl())).build() >>>> .start(); >>>> >>>> >>>> // Client >>>> SslContext sslContext = SslContextBuilder.forClient().trustManager(new >>>> File( >>>> >>>> "/Users/u/Desktop/api.grpc/src/main/resources/server.crt")).build(); >>>> channel = NettyChannelBuilder.forAddress(host, port) >>>> .sslContext(sslContext) >>>> .build(); >>>> blockingStub = GreeterGrpc.newBlockingStub(channel); >>>> >>>> >>>> Both server and client do not work, I have tried with another client >>>> and server written in Ruby. >>>> >>>> >>>> 在 2016年1月8日星期五 UTC+8上午11:10:59,Young You写道: >>>> >>>>> Can someone give me an example with grpc-java and ssl ? >>>>> >>>>> My code returns this error >>>>> >>>>> io.grpc.StatusRuntimeException: UNKNOWN >>>>> at io.grpc.Status.asRuntimeException(Status.java:430) >>>>> at io.grpc.stub.ClientCalls.getUnchecked(ClientCalls.java:156) >>>>> at io.grpc.stub.ClientCalls.blockingUnaryCall(ClientCalls.java:106) >>>>> at ex.grpc.GreeterGrpc$GreeterBlockingStub.sayHello(GreeterGrpc >>>>> .java:109) >>>>> at com.chinark.api.helloworld.HelloWorldClient.greet(HelloWorld >>>>> Client.java:45) >>>>> at com.chinark.api.helloworld.HelloWorldClient.main(HelloWorldC >>>>> lient.java:60) >>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >>>>> ssorImpl.java:62) >>>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >>>>> thodAccessorImpl.java:43) >>>>> at java.lang.reflect.Method.invoke(Method.java:497) >>>>> at com.intellij.rt.execution.application.AppMain.main(AppMain.j >>>>> ava:144) >>>>> Caused by: java.lang.Exception: Failed ALPN negotiation: Unable to >>>>> find compatible protocol. >>>>> at io.grpc.netty.ProtocolNegotiators$BufferUntilTlsNegotiatedHa >>>>> ndler.userEventTriggered(ProtocolNegotiators.java:400) >>>>> at io.netty.channel.ChannelHandlerInvokerUtil.invokeUserEventTr >>>>> iggeredNow(ChannelHandlerInvokerUtil.java:75) >>>>> at io.netty.channel.DefaultChannelHandlerInvoker.invokeUserEven >>>>> tTriggered(DefaultChannelHandlerInvoker.java:135) >>>>> at io.netty.channel.AbstractChannelHandlerContext.fireUserEvent >>>>> Triggered(AbstractChannelHandlerContext.java:149) >>>>> at io.netty.channel.ChannelInboundHandlerAdapter.userEventTrigg >>>>> ered(ChannelInboundHandlerAdapter.java:108) >>>>> at io.netty.channel.ChannelHandlerInvokerUtil.invokeUserEventTr >>>>> iggeredNow(ChannelHandlerInvokerUtil.java:75) >>>>> at io.netty.channel.DefaultChannelHandlerInvoker.invokeUserEven >>>>> tTriggered(DefaultChannelHandlerInvoker.java:135) >>>>> at io.netty.channel.AbstractChannelHandlerContext.fireUserEvent >>>>> Triggered(AbstractChannelHandlerContext.java:149) >>>>> at io.netty.handler.ssl.SslHandler.setHandshakeSuccess(SslHandl >>>>> er.java:1240) >>>>> at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1067) >>>>> at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:965) >>>>> at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteT >>>>> oMessageDecoder.java:327) >>>>> at io.netty.handler.codec.ByteToMessageDecoder.channelRead(Byte >>>>> ToMessageDecoder.java:230) >>>>> at io.netty.channel.ChannelHandlerInvokerUtil.invokeChannelRead >>>>> Now(ChannelHandlerInvokerUtil.java:83) >>>>> at io.netty.channel.DefaultChannelHandlerInvoker.invokeChannelR >>>>> ead(DefaultChannelHandlerInvoker.java:153) >>>>> at io.netty.channel.AbstractChannelHandlerContext.fireChannelRe >>>>> ad(AbstractChannelHandlerContext.java:157) >>>>> at io.netty.channel.DefaultChannelPipeline.fireChannelRead(Defa >>>>> ultChannelPipeline.java:946) >>>>> at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.re >>>>> ad(AbstractNioByteChannel.java:125) >>>>> at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEven >>>>> tLoop.java:510) >>>>> at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimiz >>>>> ed(NioEventLoop.java:467) >>>>> at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEve >>>>> ntLoop.java:381) >>>>> at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:353) >>>>> at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(Sin >>>>> gleThreadEventExecutor.java:742) >>>>> at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool >>>>> Executor.java:1142) >>>>> at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo >>>>> lExecutor.java:617) >>>>> at java.lang.Thread.run(Thread.java:745) >>>>> >>>>> >>>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "grpc.io" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To post to this group, send email to [email protected]. >>>> To view this discussion on the web visit https://groups.google.com/d/ms >>>> gid/grpc-io/36e418b7-7298-4f3e-ae4f-6fed3fd8052c%40googlegroups.com >>>> <https://groups.google.com/d/msgid/grpc-io/36e418b7-7298-4f3e-ae4f-6fed3fd8052c%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> -- > You received this message because you are subscribed to the Google Groups " > grpc.io" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/grpc-io. > To view this discussion on the web visit https://groups.google.com/d/ms > gid/grpc-io/abc7de2a-e4f1-4bf2-a693-1d193f9163cd%40googlegroups.com > <https://groups.google.com/d/msgid/grpc-io/abc7de2a-e4f1-4bf2-a693-1d193f9163cd%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/grpc-io. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/CALUXJ7h8gt_V2dc%3DmhhgkFi3efnKL%3DDfk%3DRpfijQTUzrNtBKRw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
