GRPC Golang Server client and Nodejs client about TSL/SSL configuration experience

This is a creation in Article, where the information may have evolved or changed.

1. First generate a build script that the certificate file found on GitHub:

openssl genrsa -passout pass:1111 -des3 -out ca.key 4096openssl req -passin pass:1111 -new -x509 -days 3650 -key ca.key -out ca.crt -subj "/C=FR/ST=Paris/L=Paris/O=Test/OU=Test/CN=ca"openssl genrsa -passout pass:1111 -des3 -out server.key 4096openssl req -passin pass:1111 -new -key server.key -out server.csr -subj  "/C=FR/ST=Paris/L=Paris/O=Test/OU=Server/CN=charmer"openssl x509 -req -passin pass:1111 -days 3650 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crtopenssl rsa -passin pass:1111 -in server.key -out server.keyopenssl genrsa -passout pass:1111 -des3 -out client.key 4096openssl req -passin pass:1111 -new -key client.key -out client.csr -subj  "/C=FR/ST=Paris/L=Paris/O=Test/OU=Client/CN=charmer"openssl x509 -passin pass:1111 -req -days 3650 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crtopenssl rsa -passin pass:1111 -in client.key -out client.key

After execution, there will be 8 files in the directory, 2 CAs, 3 client and 3 server

2. Golang Service Side

creds, err := credentials.NewServerTLSFromFile("./server.crt", "./server.key")if err != nil {    ...}server := grpc.NewServer(grpc.Creds(creds))

3. Golang Client

creds, err := credentials.NewClientTLSFromFile("./keys/server.crt", "charmer")if err != nil {    ...}conn, err := grpc.Dial("xx.xx.xx.xx:xxxx", grpc.WithTransportCredentials(creds))defer conn.Close()

Note: The charmer here is the same as the one that generated the certificate when the parameter/cn=xxx XXX, is the SSL common name

4. Nodejs Client

const caCrt = fs.readFileSync(__dirname + "/ca.crt");const clientKey = fs.readFileSync(__dirname + "/client.key");const clientCrt = fs.readFileSync(__dirname + "/client.crt");let client = new hello_proto.Greeter("xx.xx.xx.xx:xxxx", grpc.credentials.createSsl(caCrt, clientKey, clientCrt), { "grpc.ssl_target_name_override": "charmer", "grpc.default_authority": "charmer" });client.sayHello...

Note Here the two key parameters Grpc.ssl_target_name_override and grpc.default_authority, which are also just the parameters of the common name