I am developing a product that has 2 services, let's call them service A and service B. In a typical scenario there is one instance of service A and multiple instances of service B. Since they need to communicate, service A has multiple clients and each service B has a server running.
I am wondering whether GRPC supports seamless certificate rotation. I see that there was work done <https://github.com/grpc/grpc/pull/12644> in order to bring dynamic certificate reloading (without having to restart). How I see it, having seamless rotation would require that either the server or the client supports having 2 certificates during the rotation. If the client supported 2 certificates then service A could talk to service B regardless of whether one instance (of B) is still on the old cert and another on the new cert. If the server supported 2 certificates then service B would accept calls from service A regardless of whether service A was updated to the new cert, and after it was updated, it could be signaled to all services B to drop the old cert. Thank you in advance, Alex -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/d190aebb-3205-488e-a608-86f7d512188f%40googlegroups.com.
