时间戳

首页 > 解决方案 > GRPC TLS c++ 通信返回 ssl_transport_security.cc:1723] 找不到服务器名称的匹配项:10.100.102.5

c++ - GRPC TLS c++ 通信返回 ssl_transport_security.cc:1723] 找不到服务器名称的匹配项:10.100.102.5

问题描述

我正确创建了一个 grpc不安全服务器。现在我正在努力使其安全。我的代码是:

服务器: std::string key = readFileContent("server.key");
std::string cert = readFileContent("server.crt");
std::string root = readFileContent("ca.crt");

grpc::SslServerCredentialsOptions::PemKeyCertPair pkcp = {key, cert};
grpc::SslServerCredentialsOptions ssl_opts;
ssl_opts.pem_root_certs = 根;
ssl_opts.pem_key_cert_pairs.push_back(pkcp);
ssl_opts.client_certificate_request = GRPC_SSL_REQUEST_AND_REQUIRE_CLIENT_CERTIFICATE_AND_VERIFY;
std::shared_ptrgrpc::ServerCredentials 凭据 = grpc::SslServerCredentials(ssl_opts);
builder.AddListeningPort("10.100.102.5:5055", cred);
builder.RegisterService(服务);
std::unique_ptrgrpc::Server serverPtr = builder.BuildAndStart();
std::unique_ptr 服务器(std::move(serverPtr));
服务器->等待();

客户:

std::string key = readFileContent("client.key");
std::string cert = readFileContent("client.crt");
std::string root = readFileContent("ca.crt");

grpc::SslCredentialsOptions ssl_opts {root, key, cert};
自动 ssl_creds = grpc::SslCredentials(ssl_opts);
自动存根_ = RemoteSigner::NewStub("10.100.102.5:5055",ssl_creds);
ethereum::validator::accounts::v2::ListPublicKeysResponse 回复;
ClientContext 上下文;
stub_->ListValidatingPublicKeys(&context, ::google::protobuf::Empty(), &reply);

生成我的密钥:

openssl genrsa -passout pass:1234 -des3 -out ca.key 4096
openssl req -passin pass:1234 -new -x509 -days 365 -key ca.key -out ca.crt -subj "/C=SP/ST=Spain /L=Valdepenias/O=Test/OU=Test/CN=Root"

openssl genrsa -passout pass:1234 -des3 -out server.key 4096
openssl req -passin pass:1234 -new -key server.key -out server.csr -subj "/C=SP/ST=Spain/L=Valdepenias/ O=Test/OU=Server/CN=10.100.102.5"
openssl x509 -req -passin pass:1234 -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt

openssl rsa -passin pass:1234 -in server.key -out server.key

openssl genrsa -passout pass:1234 -des3 -out client.key 4096
openssl req -passin pass:1234 -new -key client.key -out client.csr -subj "/C=SP/ST=Spain/L=Valdepenias/ O=Test/OU=Client/CN=10.100.102.5"
openssl x509 -passin pass:1234 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt

openssl rsa -passin pass:1234 -in client.key -out client.key

收到此错误:transport_security.cc:1723] 找不到服务器名称的匹配项:10.100.102.5。你能帮我找出问题吗?

标签: c++debuggingopensslgrpctls1.2

解决方案

推荐阅读