下面列出了io.grpc.netty.shaded.io.netty.handler.ssl.SslContextBuilder#trustManager ( ) 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
private static NettyChannelBuilder createSecureChannel(
String host, int port, Optional<Path> certPath, Optional<Path> keyPath, Optional<Path> caPath)
throws SSLException {
SslContextBuilder contextBuilder = GrpcSslContexts.forClient();
if (certPath.isPresent() && keyPath.isPresent()) {
contextBuilder.keyManager(certPath.get().toFile(), keyPath.get().toFile());
}
if (caPath.isPresent()) {
contextBuilder.trustManager(caPath.get().toFile());
}
return channelBuilder(host, port)
.sslContext(contextBuilder.build())
.negotiationType(NegotiationType.TLS);
}
private SslContextBuilder getSslContextBuilder() {
log.info("Grpc config: Configuring ssl cert {} key {} trust {}",
grpcProperties.getTls().getCertChainFile(), grpcProperties.getTls().getPrivateKeyFile(), grpcProperties.getTls().getTrustCertCollectionFile());
SslContextBuilder sslClientContextBuilder = SslContextBuilder.forServer(
new File(grpcProperties.getTls().getCertChainFile()),
new File(grpcProperties.getTls().getPrivateKeyFile())
);
if (grpcProperties.getTls().getTrustCertCollectionFile() != null) {
sslClientContextBuilder.trustManager(new File(grpcProperties.getTls().getTrustCertCollectionFile()));
sslClientContextBuilder.clientAuth(ClientAuth.REQUIRE);
}
return GrpcSslContexts.configure(sslClientContextBuilder, SslProvider.OPENSSL);
}
private static SslContext buildSslContext(String trustCertCollectionFilePath,
String clientCertChainFilePath,
String clientPrivateKeyFilePath) throws SSLException {
SslContextBuilder builder = GrpcSslContexts.forClient();
if (trustCertCollectionFilePath != null) {
builder.trustManager(new File(trustCertCollectionFilePath));
}
if (clientCertChainFilePath != null && clientPrivateKeyFilePath != null) {
builder.keyManager(new File(clientCertChainFilePath), new File(clientPrivateKeyFilePath));
}
return builder.build();
}