7

How do you use the gRPC python auth library for both client and server authentication? The docs only cover server authentication.

Are there additional flags in grpc.secure_channel() that need to be used?

Improve this question

1 Answer 1

Reset to default
8

The server side, needs to have:

server_credentials = grpc.ssl_server_credentials(
    ((private_key, cert_chain),), root_cert, require_client_auth=True)
server.add_secure_port('%s:%d' % (ip, port), server_credentials)

root_cert is the root CA to verify the client certificate. private_key and cert_chain will be the certificate the server uses to be verified by the client.

And the client side:

creds = grpc.ssl_channel_credentials(
        certificate_chain=cert_chain, private_key=cert_key, root_certificates=root_ca)
channel = grpc.secure_channel('%s:%d' % (hostname, port), creds)

Where root_ca is the root CA to verify the server's certificate chain, and cert_chain and cert_key are used to authenticate the client.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.