Hi, I am trying to setup a gRPC client and server example on WSL with SSL (server authentication only)
I created the following files (following this tutorial: https://jsherz.com/grpc/node/nodejs/mutual/authentication/ssl/2017/10/27/grpc-node-with-mutual-auth.html) *my_root_cert.crt* -----BEGIN CERTIFICATE----- MIIEgDCCAmigAwIBAgIQBSsnVXC24hhmdgVV6NlFXzANBgkqhkiG9w0BAQsFADA3 MRcwFQYDVQQKEw5FbnJpY2htZW50IEluYzEcMBoGA1UEAxMTRW5yaWNobWVudCBz ZXJ2aWNlczAeFw0xODEwMTcwODE2MjVaFw0yMDA0MTcwODEwMTFaMCUxIzAhBgNV BAMTGkxULTgyMDRQVC5jZWxsZWJyaXRlLmxvY2FsMIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAuk+HpXl6WE7oYm+AfgRqPWDc4MWCErax7LmFXXQXuh9x a6Rv7fa/Vu7v31mQhdrFIcQu8DW/4q9jkGTYp4mUsmA7TapWhWDtN1GCr+gHeUYN oFwXP3pki9BWWCR4lrCNeInSpDzTn71eymyfItUcWYHWcm4uM/hQ03/KpXtDzdHr IQPDH6QmNFi8ulfyv6Urr/DOC9QHazgYnShHPJMEnUXv05vP0lAT30qR/9yaTcke XI+332G+38iivLNp1ESWh+u+uMm1Yf/cz/Ai1rCPdTct/br1bl2LWm1vz6vI176W 93oHCOOcAW+/Hf/11F/KvtlVBoZ0Tl6e7d++tDnG9wIDAQABo4GZMIGWMA4GA1Ud DwEB/wQEAwIDuDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0O BBYEFP/stlJSMQ0Pf1I8RFZ9jMNFqbmlMB8GA1UdIwQYMBaAFMKTZ5z5ZU9uSurP Lqi1Yfnfi4gfMCUGA1UdEQQeMByCGkxULTgyMDRQVC5jZWxsZWJyaXRlLmxvY2Fs MA0GCSqGSIb3DQEBCwUAA4ICAQAEdZ5+RvPfg46DypZx3pctlWa4r2yFln8gzwyW Xq6VaK29jkFNlbchOXkFrhtOWIskZLmmNhLOCWHDgvleclt96kHxjr4tAC8S6rRb sjTSnhkIFOQYSGvBDTTuvNb371zl5kXlnCFntvpOh4PxTmzlyb1TdnZXUYWSDuDl eL5KBeFCoZhzsohZB+LTsOeRfYR86koMSpZKZcg5NxQfjdni7WMPti956jITOKm/ FVh57HWMZWe587gtvK9Ntm29j4uiX6skpgprHgHwzBnfYIiyCWRneu2IZ7oJjeU1 s+IsskYpNLx/9tyV3PHcbcslvxDsV8SntW6Ds5kIc/qtgBqv2cmAc4fECTEJdJLP 7aMBhq3nKTEQoogy0VgNUKrQG66y0x467epiHtMO6doxCEt0wcvH/Z4ou4Vm9MtL dXpJ4a60Vqpd1Da3WuyNFP0YeINeDjgREJHEIkdwpbm86RkxgZtQM2C7lsB3A4rg H2ql7nvx3YXQOqcdWk+OwB6f70nvEm8Ph1U/qeLPchB4YnzQ670nDRjY4boKaZ1g hZKdD/J6j9Aua7F2NhCvzFlgKEALZbhPzzy+XwYZWf+oF2OB+rVA462g6ULWplkd 70Nb+hecRqp8y4D1qn1bcZftfsAxhv73Myb+fwUBnhWNKTFpW5HSTZYY0qx5zOf1 rlGphw== -----END CERTIFICATE----- *my_private.key (private_key)* -----BEGIN RSA PRIVATE KEY----- MIIJKQIBAAKCAgEAzcgKxU9Xss9Lup0atVdCrRAn/W/mAyVpSZrlRWdO9/Rk4GuN MehNNaCUrux+UQ8kUJn8S9+PBHW1SSG/IkRazfnk9Y9ThlIQiU3PNVbY9cHwXwf1 kTtMe7jo58B1vY4MM4Llu311WQ74ru4voElyupZh7m8wlbEIhqNZAuZ2733wgntv kX0EXVb1wKdnQDCX+aDwti6KEIyI04dMdlpJ+cwkJnXTErwCdePF26lx8Lw3SNji WLiiQJewBJQ5qDmeOL/5dDXu4cf/6kp/wPrQaKUEAtw8gK90QJJR9trO2GiWalhI b+oHA+eLsOultqk3ZlQ0l84QKtwUkDnPpR4PK5yI+ykBZXSuFX0eyM0vOIf65I3e UxIfKGm3f4Xh0gn2hRCFvVQ/wNUdsTi+itn9JipzzPK/OtI7+pkLi/mEdb6uD+50 9Y/icnVope3KNsYqAfg0KNiv5l5gBzEISvRbwm4IEQ/4QjyBAPac19LoI1scECv4 imyD/R3/7bxdbsTPJwg+wdyevGB1SU0D2DtopM8qR62lqzcJLaeZXIq1U5TYqwFu CsEjs8ZKiTe+2NiFpCFvPtZha4ulUt2sdk8h/d07VZW92i1EnkeKyRTVo0TLkU0m v46/bFH5VkoruAJFsuNPucdK35s6yPFgH2/Xtql7VL3ZRNGapjsukf6uHPUCAwEA AQKCAgEAnKKhODE9wvixXxnIw7HpKcx7dBkhztFCRGmoDN0nKewYgQ68yflWE/To WAHh4JeS/9tGRQalWTKzzDfowg+fwtttYVE4taxvs+PLToGN4fs+mUd4r5Sgkihc +FLyDFg8h1Uiw0Uq9qBDwPvCutJNhyOC5bgzFi5MHBfoYCHG9GM7mEaW1PqBQP85 Tuzd1elnNPdBYpsoMpKWb9Sz6f6uAntWJQRYpxD/GndHGv3uodzShBu6pufbcSlF LScagCdjfTT7j26iJ7BR5yfP+LexvYWl+Ptk/lsPNTtrMmi5O9bYb5hFgxJzRpCQ Lxof6FsDtVtxMQAEJGujJ2kp2jh4OE630b/yrHdhfXiBCnvnaZZatr8x5QwTS7d8 6AF2/CGmbnKe5CfJ4ry99EQrIhUNk19l+De2lk5hDHldm+8A5zJVKzPEcj7wU/sC jXDS3orDcECBr2bqWp0pLHPy+SQcerPsnpD+1pxsPPuJhOdpLRTNk99umhojiWdw i17EjR9qKE1aFSfBCu7DloVD0bF9+nDLmVT2P9oZAchRI8Qd/o93K+FUTKpbybyQ D7YVb3CDnshtCV2DfyeVibVnoJOdEuY72/KF5qbphBpH/NSL5RgJ90n3Xo+x8qyd 2GjapwdOYRSWuJRaqlD4pPeWRs/A5NXSJi9cfGoRL5aW+T18feECggEBANV3xf9a kFsoms10Sg+OSU15mhcvPkLkqnMiiqjGGWtjGT9H5PuFjTvBY36f0rlWADLvSPyz oNuV3JaMhAFpjYUQzFXOtbm/CejjzQdn8ZLW6WtMA4e8buy/w9Xek0XgZXsvNAg1 U2OWKXH0qUN0GtVc2smo6dy+uy6L7LkNc+QDWopBzDdZf8r/k1dRI7iU5zSo/Bo6 f04d3AYf5QGTmBosJYkXppzk/TRc7/O7jjr5Ta0zF3lE9sdSsdrCCNFb5jgJafuu 8Is5li49jbQ2IxXgPVvHqVW4RebcV6IcXavmNnUUYENDr7bLqAWdsKhu7kF0L3f7 FyHJrMHvjzwbqskCggEBAPbINeMx6uTpDrktf/O+ecsmBB9Y+9k6hh5mxdq/aZDd rYeiZ2hSm7haZQEXPa04S0Z0CgqWw/ucCgOdUUdprzWiomGKcKdBn/cro4mauoFQ DXs9BBhQBWRbNNe9jIR9g6aOW3wsoS+4+qwU/98fxD0g5jHznclge0c7ny8LygYF T/dhAv/XM79zX9Vdr88H69ELsGRzC28bOECYwU8kxFL109CSoNjxljj0NlGSARUC 2ZzIQ2lMxhRzy1a7U/7KA/vYw7sY+vbLQOYPZ0WqxvIwbltJ2URSBrylCel9ehKa /hIDrIMSgnBx/hHWE0IaGqkNlgLJYWMJTD2QxYPGis0CggEAcRwj9+he8U6UqCTk UVXNlZXHhl1sGjnb72HwIvnE4lgCOru3o2birTUNqTy6haYCOPr9q5jqtS+1ULho Ae+SI14BR75eIGwPri12qGP1Zx8lU8tVW4kHJb9+30Yutynt29XpNig7ZVtd3poL TkipJ0EqVQyBzovp1wIhjvSH4du9D+FJelKcGk5OHkhKKzYLRKX930/7wMKloUEp MSqpv8SApyG3EQ9s82ADbRyGgs0y0YFvAL0AHiG9R/LkhTqyxCKI2+mYX81FvH61 JTZCZQcKvCURnvAjae57KNTq9XjohiUj1MB6zNsgzsj9oGIXMOuFc4fCfA7G0YRE W081sQKCAQAnTQkv7nIvFGKQ4QsggTQaQyqi52PsW2KiktFtndAtDvCkyhtXxNgh ytuNCet7m5x5Ut+Kgioh9t6tZq9cBRuvGgBsMkTwjgXwshVwQ6DyGRKcjsIJMS06 pz/KH9ix/N8rdj5hjyX4WKgrIYkCOqfg6E1gpSB6wo+/b2JRdrosrUnn5p44qkgG dFRNwYbPHL7UYt0rkhq/DgGuX+VhOkS9xYJ/E+rjwc2fsly4Lt1XQEXxrv71VRGy jiJS5LBiwj9SK1o4gKjvBr2GJevXb3QRe98HUMJ2G+4QuuPSOHZpYh+WNNmTYi49 xBmnM4WLoGagh5ZdST7mK8Plhhm+e679AoIBAQCFZY8hDyEemsHqnzPlkuvG+bBD RD5QJ9epemDYm78SzDXZ2L1y+luNZVE0XlqXyEXe6z5qcZfa+o7BOLZIXH7qASXf pGewHjcfPAzWpgYCNCkADbDtLWAhFg3fotGvRYj5n0cqVAmGqZBGsva4mEHA7jn5 /ra+FPZgKB1UapLrQ9ZxYPNZ9kD3UavTr8U+uWNV1PnOXSyjREyT9LO5N4HJQBEt IbYf2GHcpAmghq5nxvPTGi9kwhjBhmjyYskMI+yAbWmqBpZ3+2n5Sx9fCnRyQlBx emU9U0u2Q4S9m58SQAS8nso0WEO1qTR2bAwKTTSROqKeP0SPiLftRMJL8Hnu -----END RSA PRIVATE KEY----- *my_crt.crt (cert_chain)* -----BEGIN CERTIFICATE----- MIIFLjCCAxagAwIBAgIBATANBgkqhkiG9w0BAQsFADA3MRcwFQYDVQQKEw5FbnJp Y2htZW50IEluYzEcMBoGA1UEAxMTRW5yaWNobWVudCBzZXJ2aWNlczAeFw0xODEw MTcwODEwMTJaFw0yMDA0MTcwODEwMTJaMDcxFzAVBgNVBAoTDkVucmljaG1lbnQg SW5jMRwwGgYDVQQDExNFbnJpY2htZW50IHNlcnZpY2VzMIICIjANBgkqhkiG9w0B AQEFAAOCAg8AMIICCgKCAgEAzcgKxU9Xss9Lup0atVdCrRAn/W/mAyVpSZrlRWdO 9/Rk4GuNMehNNaCUrux+UQ8kUJn8S9+PBHW1SSG/IkRazfnk9Y9ThlIQiU3PNVbY 9cHwXwf1kTtMe7jo58B1vY4MM4Llu311WQ74ru4voElyupZh7m8wlbEIhqNZAuZ2 733wgntvkX0EXVb1wKdnQDCX+aDwti6KEIyI04dMdlpJ+cwkJnXTErwCdePF26lx 8Lw3SNjiWLiiQJewBJQ5qDmeOL/5dDXu4cf/6kp/wPrQaKUEAtw8gK90QJJR9trO 2GiWalhIb+oHA+eLsOultqk3ZlQ0l84QKtwUkDnPpR4PK5yI+ykBZXSuFX0eyM0v OIf65I3eUxIfKGm3f4Xh0gn2hRCFvVQ/wNUdsTi+itn9JipzzPK/OtI7+pkLi/mE db6uD+509Y/icnVope3KNsYqAfg0KNiv5l5gBzEISvRbwm4IEQ/4QjyBAPac19Lo I1scECv4imyD/R3/7bxdbsTPJwg+wdyevGB1SU0D2DtopM8qR62lqzcJLaeZXIq1 U5TYqwFuCsEjs8ZKiTe+2NiFpCFvPtZha4ulUt2sdk8h/d07VZW92i1EnkeKyRTV o0TLkU0mv46/bFH5VkoruAJFsuNPucdK35s6yPFgH2/Xtql7VL3ZRNGapjsukf6u HPUCAwEAAaNFMEMwDgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAw HQYDVR0OBBYEFMKTZ5z5ZU9uSurPLqi1Yfnfi4gfMA0GCSqGSIb3DQEBCwUAA4IC AQCZicw1L1DK5OEBofVSTKXdAWZnCzVguFl0veNeIk6kvXZjoRB70tssUAOA374O rIcPq0XXw0kO26m51pnEK2LK4iBlmY4bGWxVNnyh860bzISUunSA1Bw95rSU366V 1+hVo8sESnJdq6B/miQwsasF0Bd8EDvN9LRFgnw5ModsjRK9soz2BQLPd1row7Gy lh73OEaKvNmcqN8mygC7uPVztQvbNM7Wb/oIpNIhVvgVqs0j0Yhbn693Ig7k/uuD zJCF0O34AMbMoHDAdigDyymdcR+TJtroaTnM7w6wquVQIWzGmmY3ix3TUD5YBCWV 7xVY7X4kXKAkHc/hodA1DH9xgpJyW5Dc7TtDajPPYsOuxFZGJXtdOaIIiL7KbVU8 Y8oeQi5OPNsouqXBm4i6r5t0BjNx5zRIgvNioKpgdcQsSQvlWLqDfCiOoQgcB/E+ 1ZR5SH9SLMH+2CSRnCui1TyxJW4yTzVCOkQEWSa1u/67uuzg1y6ouqk3kZGP6Wwg t3qdFM9sD0Pl/C4qVc9iqdyqIMXSDD4pOLEqyZ7J6V7yg4JCI7gRktGPpcqoHD29 78+nsmYxgbdDQ8YxV+UKNxP9ocWYmjh0RMTAvO9J71gVNY4GzWLytKqfci2hb3+v /vxB0XOqSX7RrmN6eryAHgwFtbTp13SZDAtMxxwbYQYH6Q== -----END CERTIFICATE----- And I use them as follows: *Server Code* server.bind('0.0.0.0:50051', grpc.ServerCredentials.createSsl( Buffer.from(fs.readFileSync(my_root_cert.crt"))), [{ private_key: Buffer.from(fs.readFileSync(my_private.key"))), cert_chain: Buffer.from(fs.readFileSync(my_crt.crt"))) }], false)); server.start(); *Client Code* var client = new hello_proto.Greeter('localhost:50051', grpc.credentials. createSsl( Buffer.from(fs.readFileSync(my_root_cert.crt"))) )); *Result running the client* E1017 16:17:10.176686000 11891 ssl_transport_security.cc:1229] Handshake failed with fatal error SSL_ERROR_SSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed. *Server error after client made the request* I1017 17:06:18.330876700 11925 tcp_custom.cc:217] write complete on 0x2d90750: error="No Error" I1017 17:06:18.331029000 11925 resource_quota.cc:873] RQ anonymous_pool_2d8e8d0 ipv4:127.0.0.1:60074: alloc 8192; free_pool -> 0 I1017 17:06:18.331222900 11925 tcp_custom.cc:174] TCP:0x2d90750 read_allocation_done: "No Error" I1017 17:06:18.331411000 11925 tcp_custom.cc:191] Initiating read on 0x2d90750: error="No Error" I1017 17:06:18.331593800 11925 completion_queue.cc:954] grpc_completion_queue_next(cq=0x2d9d220, deadline=gpr_timespec { tv_sec: -9223372036854775808, tv_nsec: 0, clock_type: 0 }, reserved=(nil)) I1017 17:06:18.331740200 11925 completion_queue.cc:1054] RETURN_EVENT[0x2d9d220]: QUEUE_TIMEOUT I1017 17:06:18.332470400 11925 resource_quota.cc:896] RQ anonymous_pool_2d8e8d0 ipv4:127.0.0.1:60074: free 8192; free_pool -> 8192 I1017 17:06:18.332555800 11925 tcp_custom.cc:128] TCP:0x2d90750 call_cb 0x2dce3c0 0x7f5d07b63a30:0x2dce1f0 I1017 17:06:18.332633300 11925 tcp_custom.cc:132] read: error={"created":"@1539785178.332456900","description":"EOF","file":"../deps/grpc/src/core/lib/iomgr/tcp_uv.cc","file_line":107} D1017 17:06:18.332712400 11925 security_handshaker.cc:129] Security handshake failed: {"created":"@1539785178.332702700","description":"Handshake read failed","file":"../deps/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":321,"referenced_errors":[{"created":"@1539785178.332456900","description":"EOF","file":"../deps/grpc/src/core/lib/iomgr/tcp_uv.cc","file_line":107}]} I1017 17:06:18.332782200 11925 tcp_custom.cc:286] TCP 0x2d90750 shutdown why={"created":"@1539785178.332702700","description":"Handshake read failed","file":"../deps/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":321,"referenced_errors":[{"created":"@1539785178.332456900","description":"EOF","file":"../deps/grpc/src/core/lib/iomgr/tcp_uv.cc","file_line":107}]} I1017 17:06:18.332864100 11925 handshaker.cc:212] handshake_manager 0x2d92650: error={"created":"@1539785178.332702700","description":"Handshake read failed","file":"../deps/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":321,"referenced_errors":[{"created":"@1539785178.332456900","description":"EOF","file":"../deps/grpc/src/core/lib/iomgr/tcp_uv.cc","file_line":107}]} shutdown=0 index=1, args={endpoint=(nil), args=(nil) {size=0: (null)}, read_buffer=(nil) (length=0), exit_early=0} I1017 17:06:18.333795500 11925 handshaker.cc:245] handshake_manager 0x2d92650: handshaking complete -- scheduling on_handshake_done with error={"created":"@1539785178.332702700","description":"Handshake read failed","file":"../deps/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":321,"referenced_errors":[{"created":"@1539785178.332456900","description":"EOF","file":"../deps/grpc/src/core/lib/iomgr/tcp_uv.cc","file_line":107}]} D1017 17:06:18.333917300 11925 chttp2_server.cc:113] Handshaking failed: {"created":"@1539785178.332702700","description":"Handshake read failed","file":"../deps/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":321,"referenced_errors":[{"created":"@1539785178.332456900","description":"EOF","file":"../deps/grpc/src/core/lib/iomgr/tcp_uv.cc","file_line":107}]} I1017 17:06:18.334201900 11925 resource_quota.cc:532] RU shutdown 0x2d916c0 I1017 17:06:18.334281900 11925 completion_queue.cc:954] grpc_completion_queue_next(cq=0x2d9d220, deadline=gpr_timespec { tv_sec: -9223372036854775808, tv_nsec: 0, clock_type: 0 }, reserved=(nil)) I1017 17:06:18.334347300 11925 completion_queue.cc:1054] RETURN_EVENT[0x2d9d220]: QUEUE_TIMEOUT *Any idea why the handshake fails?* -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/grpc-io. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/fb5063c5-9a0b-4e93-b0a6-5d00485225aa%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
