Hi Mark,
Currently i am using grpc with secure channel (tls 1.3). if severe
fails to validate client certificate(client's certificate: x509:
certificate signed by unknown authority), client is getting grpc error code
2 with description "stream removed".
Here "stream removed" doesn't give enough information about what
happened in the server side. is there a way to propagate ssl error
description back to grpc status till you fix this?
On Wednesday, 6 May 2020 23:16:09 UTC+5:30, Mark D. Roth wrote:
>
> UNAVAILABLE is the right status code in this situation, but the error
> message returned along with that status code should provide more useful
> information. Fixing this will require some deep plumbing changes, so I
> don't know if it will happen anytime soon, but I have filed the following
> bug to track it:
>
> https://github.com/grpc/grpc/issues/22885
>
> On Wednesday, May 6, 2020 at 7:15:56 AM UTC-7 [email protected] wrote:
>
>> is there a way to return ssl error to client, i am getting
>> UNAVAILABLE(code 14) when client certificate validation fails in server.
>>
>>
>> On Saturday, 6 October 2018 03:33:12 UTC+5:30, AK wrote:
>>>
>>> I was in exact same situation. In my opinion, client should be notified
>>> of what caused the server to throw an error.
>>>
>>> On Friday, October 5, 2018 at 2:22:36 PM UTC-7, Benjamin Krämer wrote:
>>>>
>>>> Just had the same problem at a customer site and costed me an hour to
>>>> find out that I used the wrong certificate files. Had to enable logging
>>>> and
>>>> check the errors in there to see the SSL_VERIFY_FAILED. The channel itself
>>>> only went to TransientFailure. Using C#, so not much look their either.
>>>>
>>>
--
You received this message because you are subscribed to the Google Groups
"grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/grpc-io/9c002ab3-a63a-4311-9adb-4591dfa5830c%40googlegroups.com.
