grpc-ecosystem/grpc-gateway

docs: provide example of mutual TLS authentication

Open

#350 创建于 2017年4月5日

在 GitHub 查看
 (7 评论) (0 反应) (0 负责人)Go (16,971 star) (2,250 fork)batch import
documentationhelp wanted

描述

Hi,

is there a way to do mutual TLS authentication between the client and grpc-gateway? I'd like to check if the client's public key is in a list or the certificate is signed by a specific CA and copy the client's name or the certificate's common name to grpc metadata. Sounds like a use case for some middleware, right?

Best, Malte

贡献者指南

技术栈
gorest api
领域
backendapisecurity
议题类型
documentation
难度面向新贡献者的预计实现难度,1 表示很小改动,5 表示专家级工作。
3
预计时间有经验贡献者完成调查、实现、测试并准备 pull request 的粗略时间范围。
half day
活动状态议题当前的可参与程度:新鲜、活跃、陈旧、阻塞或等待维护者输入。
stale
清晰度议题是否清楚说明期望改动、验收标准和下一步。
needs investigation
前置要求
gRPC fundamentalsGo programmingmTLS concepts
新手友好度1-100 的估计分数,表示该议题对首次贡献者的友好程度。
40
研究方向
First, review existing grpc gateway examples for authentication. Then, examine grpc go's mTLS support and how to plug middleware into grpc gateway. Finally, create a simple example showing client certificate validation and extraction of CN to gRPC metadata.