grpc-ecosystem/grpc-gateway

docs: provide example of mutual TLS authentication

Open

#350 opened on Apr 5, 2017

View on GitHub
 (7 comments) (0 reactions) (0 assignees)Go (16,971 stars) (2,250 forks)batch import
documentationhelp wanted

Description

Hi,

is there a way to do mutual TLS authentication between the client and grpc-gateway? I'd like to check if the client's public key is in a list or the certificate is signed by a specific CA and copy the client's name or the certificate's common name to grpc metadata. Sounds like a use case for some middleware, right?

Best, Malte

Contributor guide

Tech stack
gorest api
Domain
backendapisecurity
Issue type
documentation
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
3
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
half day
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
stale
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
needs investigation
Prerequisites
gRPC fundamentalsGo programmingmTLS concepts
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
40
Research direction
First, review existing grpc gateway examples for authentication. Then, examine grpc go's mTLS support and how to plug middleware into grpc gateway. Finally, create a simple example showing client certificate validation and extraction of CN to gRPC metadata.