Is it possible to fit a m.GetCertificate into a GRPC client / server?
m := &autocert.Manager{
Cache: autocert.DirCache("tls"),
Prompt: autocert.AcceptTOS,
HostPolicy: autocert.HostWhitelist("example.com"),
}
go http.ListenAndServe(":http", m.HTTPHandler(nil))
cert, err := m.GetCertificate(...)
if err != nil {
t.Fatalf("Failed to generate certificates %s", err)
}
creds := credentials.NewServerTLSFromCert(cert)
srv := grpc.NewServer(grpc.Creds(creds))
reflection.Register(srv)
https://github.com/golang/go/issues/24894
Use NewTLS instead of NewServerTLSFromCert.
https://godoc.org/google.golang.org/grpc/credentials#NewTLS
Credits to FiloSottile
m := &autocert.Manager{
Cache: autocert.DirCache("tls"),
Prompt: autocert.AcceptTOS,
HostPolicy: autocert.HostWhitelist("example.com"),
}
go http.ListenAndServe(":http", m.HTTPHandler(nil))
creds := credentials.NewTLS(&tls.Config{GetCertificate: m.GetCertificate})
srv := grpc.NewServer(grpc.Creds(creds))
reflection.Register(srv)
Hopefully this will be helpful:
Documentation: https://github.com/grpc/grpc-go/blob/master/Documentation/grpc-auth-support.md
Example Code: https://github.com/grpc/grpc-go/tree/master/examples/oauth