Hello! Thx for reply! Now I'm sure that there is no problem with http/2 support on macOS so something wrong with my code. I believe it's something with dependencies. Yep, the first thing I checked was certificate itself. I define root certificate with 'StaticDataCertificateProvider' initialised with string from cert data (also checked with 'FileWatcherCertificateProvider' with cert path). Also I checked if string with cert data is correct. Insecure connection works just fine (mean server example). How I can get error logs or smith? From client code I didn't see any error - mean the connection cannot established due to problems with ssl handshake so it tried for timeout. But (*possible offtopic*) when I was looking for possible solution I tried to turn off server verification (GRPC_TLS_SKIP_ALL_SERVER_VERIFICATION) and my client thrown an exception '*grpc_channel_check_connectivity_state called on something that is not a client channel, but 'lame-client''* is it correct? In debug 'host' and 'port' in channel was empty - it's possible reason for "lame client" but don't know why - cause I define server info.
While, I write this, found recommendation to remove *grpc_unsecure* & *grpc++_unsecure* from deps and code starts to work properly. Also rebuild all dependencies and it also worked but even without removing those two libs. Now I'm a little bit confused. Previously build was the same - with *cmake*, two independent builds for x86_64 and arm64 (m1) and combine into multi architecture static lib with 'lipo -create'. So I think for now problem is resolved. I don't know how and where was original problem (possibly error in build deps). четверг, 30 декабря 2021 г. в 02:56:11 UTC+3, Zhen Lian: > Thanks for raising the issue! > > I am still not sure the root cause of this problem. Is it possible to > share the error logs on both sides? > > And another question: in your client code, did you explicitly specify your > root certificates? To enable TLS, client side needs to specify the root > certs. On some systems, if such root certs are not specified, we will load > the root certs from a default location, but it looks like on Mac it is not > the case. I am guessing that might be the cause of the problem. Can you > please double-check that? > > On Thursday, December 23, 2021 at 11:54:36 PM UTC-8 [email protected] > wrote: > >> Hello! >> >> I'm trying to create c++ GRPC client (1.37.0) which work on macOS(Big >> Sur/Monterey on intel/m1) with TLS server verification. On windows similar >> client code works just fine. But on macOS I always get "TRANSIENT_FAILURE" >> on channel state. On server side there is "ssl handshake error". >> I found that there is a problem with HTTP/2 over TLS. >> >> Is the insecure endpoint the only possible solution on macOS? >> >> Thx for your time & help. >> > -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/33c3e046-a521-409a-9218-6287d4d9625dn%40googlegroups.com.
