Hi I am trying to write a test grpc client and service in python. When I use an insecure channel, everything works stably, but if I try to establish a tls connection, an error occurs. To write code and create a chain of certificates, I used this guide https://github.com/joekottke/python-grpc-ssl.How can I make this example work?
grpcio version : 1.51.1 python version 3.9.17
Error message
Service code
Client code
I tried to change certificates, creating them not only according to the manual, but also using openssl. And also change the encryption method for certificates from RSA to P-256 curve. But none of the above helped.
grpcio version : 1.51.1 python version 3.9.17
Error message
Code:
Message = <_InactiveRpcError of RPC that terminated with:
status = StatusCode.UNAVAILABLE
details = "failed to connect to all addresses"
debug_error_string = "{"created":"@1690999363.720000000","description":"Failed to pick subchannel","file":"src/core/ext/filters/client_channel/client_channel.cc","file_line":3094,"referenced_errors":[{"created":"@1690999363.720000000","description":"failed to connect to all addresses","file":"src/core/lib/transport/error_utils.cc","file_line":163,"grpc_status":14}]}"
>
Source = F:\Work\PytService\ClientPy\ClientPy.py
Stack trace:
File "F:\Work\PytService\ClientPy\ClientPy.py", line 22, in run
response = stub.SayHello(service_pb2.HelloRequest(name='you'))
File "F:\Work\PytService\ClientPy\ClientPy.py", line 32, in <module> (Current frame)
run()
grpc._channel._InactiveRpcError: <_InactiveRpcError of RPC that terminated with:
status = StatusCode.UNAVAILABLE
details = "failed to connect to all addresses"
debug_error_string = "{"created":"@1690999363.720000000","description":"Failed to pick subchannel","file":"src/core/ext/filters/client_channel/client_channel.cc","file_line":3094,"referenced_errors":[{"created":"@1690999363.720000000","description":"failed to connect to all addresses","file":"src/core/lib/transport/error_utils.cc","file_line":163,"grpc_status":14}]}"
>
Code:
from concurrent import futures
import logging
import grpc
import service_pb2
import service_pb2_grpc
class Greeter(service_pb2_grpc.GreeterServicer):
def SayHello(self, request, context):
return service_pb2.HelloReply(message='Hello, %s!' % request.name)
def SayHelloAgain(self, request, context):
return service_pb2.HelloReply(message=f'Hello again, {request.name}!')
def serve():
port = '50051'
server_host = 'localhost'
server = grpc.server(futures.ThreadPoolExecutor(max_workers=10))
service_pb2_grpc.add_GreeterServicer_to_server(Greeter(), server)
keyfile = 'server-key.pem'
certfile = 'server-cert.pem'
private_key = open(keyfile).read()
certificate_chain = open(certfile).read()
credentials = grpc.ssl_server_credentials(
((bytes(private_key, 'utf-8'), bytes(certificate_chain, 'utf-8'),),)
)
server.add_secure_port('localhost:50001',credentials)
server.start()
print("Server started, listening on " + port)
server.wait_for_termination()
if __name__ == '__main__':
logging.basicConfig()
serve()
Code:
from __future__ import print_function
import logging
import grpc
import grpc_tools
import service_pb2
import service_pb2_grpc
def run():
ca_cert = 'ca-cert.pem'
root_certs = open(ca_cert).read()
credentials = grpc.ssl_channel_credentials((bytes(root_certs, 'utf-8')))
with grpc.secure_channel('localhost:50051',credentials) as channel:
stub = service_pb2_grpc.GreeterStub(channel)
response = stub.SayHello(service_pb2.HelloRequest(name='you'))
print("Greeter client received: " + response.message)
response = stub.SayHelloAgain(service_pb2.HelloRequest(name='you1'))
print("Greeter client received: " + response.message)
if __name__ == '__main__':
logging.basicConfig()
run()