使用自签CA,Server,client证书和双向认证

服务端代码

package main

import (
    "crypto/tls"
    "crypto/x509"
    "io/ioutil"
    "log"
    "net"

    "google.golang.org/grpc"
    "google.golang.org/grpc/credentials"
    "grpcpro/services"
)

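// main starts a gRPC server on :8081 that presents the certificate in
// cert/server.pem and requires every client to present a certificate
// that chains to the CA in cert/ca.pem (mutual TLS).
//
// Every setup step that can fail is checked: a missing key pair, an
// unreadable CA file or a PEM file with no usable certificate would
// otherwise leave the server running with an empty or invalid trust
// configuration.
func main() {
    // Server identity: leaf certificate plus private key.
    cert, err := tls.LoadX509KeyPair("cert/server.pem", "cert/server.key")
    if err != nil {
        log.Fatalf("loading server key pair: %v", err)
    }

    // Trust store for client certificates. Only the CA in this file is
    // trusted; system roots are deliberately not used.
    ca, err := ioutil.ReadFile("cert/ca.pem")
    if err != nil {
        log.Fatalf("reading CA certificate: %v", err)
    }
    certPool := x509.NewCertPool()
    // AppendCertsFromPEM returns false when it parsed no certificate at
    // all; continuing would leave ClientCAs empty.
    if !certPool.AppendCertsFromPEM(ca) {
        log.Fatal("no valid CA certificate found in cert/ca.pem")
    }

    creds := credentials.NewTLS(&tls.Config{
        Certificates: []tls.Certificate{cert}, // server certificate
        ClientAuth:   tls.RequireAndVerifyClientCert,
        ClientCAs:    certPool,
        MinVersion:   tls.VersionTLS12,
    })

    rpcServer := grpc.NewServer(grpc.Creds(creds))
    services.RegisterProdServiceServer(rpcServer, new(services.ProdService))

    lis, err := net.Listen("tcp", ":8081")
    if err != nil {
        log.Fatalf("listening on :8081: %v", err)
    }
    // Serve blocks until the listener fails or the server is stopped.
    if err := rpcServer.Serve(lis); err != nil {
        log.Fatalf("serving gRPC: %v", err)
    }

    // The commented-out block below shows how to serve the same gRPC
    // server through an http.Server instead of a raw listener.
    //mux:=http.NewServeMux()
    //mux.HandleFunc("/", func(writer http.ResponseWriter, request *http.Request) {
    //     rpcServer.ServeHTTP(writer,request)
    //})
    //httpServer:=&http.Server{
    //    Addr:":8081",
    //    Handler:mux,
    //}
    //httpServer.ListenAndServeTLS("keys/server.crt","keys/server.key")
}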

客户端代码

package main

import (
    "context"
    "crypto/tls"
    "crypto/x509"
    "fmt"
    "google.golang.org/grpc"
    "google.golang.org/grpc/credentials"
    "grpccli/services"
    "io/ioutil"
    "log"
)

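// main connects to the gRPC server on :8081 using mutual TLS: it presents
// the client certificate in cert/client.pem and verifies the server
// against the CA in cert/ca.pem, then calls GetProdStock for product 12
// and prints the returned stock.
//
// Every setup step that can fail is checked; in particular an empty
// RootCAs pool caused by an unreadable or malformed CA file is reported
// instead of surfacing later as an opaque handshake error.
func main() {
    //creds, err := credentials.NewClientTLSFromFile("keys/server.crt", "localhost")
    //if err != nil {
    //    log.Fatal(err)
    //}

    // Client identity presented to the server during the handshake.
    cert, err := tls.LoadX509KeyPair("cert/client.pem", "cert/client.key")
    if err != nil {
        log.Fatalf("loading client key pair: %v", err)
    }

    // Trust store for the server certificate. Only the CA in this file is
    // trusted; system roots are deliberately not used.
    ca, err := ioutil.ReadFile("cert/ca.pem")
    if err != nil {
        log.Fatalf("reading CA certificate: %v", err)
    }
    certPool := x509.NewCertPool()
    // AppendCertsFromPEM returns false when it parsed no certificate at
    // all; continuing would leave RootCAs empty.
    if !certPool.AppendCertsFromPEM(ca) {
        log.Fatal("no valid CA certificate found in cert/ca.pem")
    }

    creds := credentials.NewTLS(&tls.Config{
        Certificates: []tls.Certificate{cert}, // client certificate
        // Must match a name in the server certificate; the dial target
        // ":8081" carries no host name to verify against.
        ServerName: "localhost",
        RootCAs:    certPool,
        MinVersion: tls.VersionTLS12,
    })

    conn, err := grpc.Dial(":8081", grpc.WithTransportCredentials(creds))
    if err != nil {
        log.Fatal(err)
    }
    defer conn.Close()

    prodClient := services.NewProdServiceClient(conn)
    prodRes, err := prodClient.GetProdStock(context.Background(),
        &services.ProdRequest{ProdId: 12})
    if err != nil {
        log.Fatal(err)
    }
    fmt.Println(prodRes.ProdStock)
}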






原文地址:https://www.cnblogs.com/hualou/p/12070306.html