Hello everyone I'm a little bit in a loss on how to do this, I want to do what this guy does in this post using RequireAndVerifyClientCert, but with gRPC:
"Getting the Server to Trust the Client" https://ericchiang.github.io/post/go-tls/ I already have CA root and key (pem) files in the server. Potential users can create Certificate Sign Requests with "openssl req -new...." I can sign / approve / provide temporary CSR with "openssl x509 -req...." I can check that certs are valid and haven't _expired_ with "openssl verify...." So the question is: How can I make it so that only clients connecting with a certificate signed with the root CA can call [some] functions? If it's to much o a pain to restrict only some functions, restricting the whole gRPC server also works for me. The authentication overview guide says it's possible to extend or customize authentication methods, but it seems like such means (MetadataCredentialsPlugin) aren't available in golang yet. https://grpc.io/docs/guides/auth.html Any ideas? -Ismael -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/grpc-io. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/48e78671-f576-4823-a2a4-b87ca053ed9e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
