Member-only story
Implementing SSL/TLS Auth in gRPC — Let’s Do Tech
gRPC supports various authentication mechanisms like SSL/TLS, ALTS (Application Layer Transport Security), and token based authentication. In this post, we will be implementing SSL/TLS auth in gRPC systems. We will begin by understanding the basics of SSL authentication, and also generate required key and certificate files to implement in our example.
In the previous blog post, while covering the basics of gRPC communication with Go, we introduced an example of a calculator server and client. The client-server gRPC communication in that example was not secure. If you check the client code here, it attempts to connect to the server in an insecure manner.
In real world situations, this poses a very high risk on multiple fronts. Thus to secure this communication, we implement certificate based authentication — also known as SSL/TLS based authentication. In this post, I cover the bare bones of implementing SSL/TLS Auth in gRPC based machine-to-machine communication.
As a spoiler, this post is not really about gRPC. But it helps in understanding how to implement certificate based authentication in a distributed architecture.
Full code of the example discussed in this post can be found in below link.
