the TLS is for client to authenticate it self with the server
with a cert files they have .
ejona
Okay, yeah, client-certs. I've been told it is possible, and I have a general idea about how it functions.
On the server-side you would use the auth context (I'm not sure how to get it; I assume from the call); see grpc++/security/auth_context.h
If the client was authenticated you would expect IsPeerAuthenticated to be true.
On client-side, you would use SslCredentialsOptions which has support for client certificates.
I'm unsure how on the server you enable "want client certs" or "need client certs"
(see grpc++/security/credentials.h for SslCredentialsOptions)
JS__
okay i will check those header files..
thanku
ejona
I see a force_client_auth on SslServerCredentialsOptions (in server_credentials.h). That looks to be how you request the client send their certificate.
JS__
yea true..i need to understand how to use those APIs
tommmied joined the channel
JS__ has quit
s1lv3rd3m0n joined the channel
s1lv3rd3m0n has quit
rmz_la3lma has quit
rmz_la3lma joined the channel
arkq joined the channel
Kanalia joined the channel
Kanalia
good mornings
tommmied joined the channel
Kanalia has quit
eicca joined the channel
eicca
thanks ejona! I'm going to try it probably next week and I will share my experience.