Using TLS in grpc-gateway
By default DialOption{grpc.WithInsecure()}
is used in example. And as docs mention you just need to replace WithInsecure
with transport creds.
//opts := []grpc.DialOption{grpc.WithInsecure()}
creds, _ := credentials.NewClientTLSFromFile("tls.crt", "")
opts := []grpc.DialOption{grpc.WithTransportCredentials(creds)}
Replace ListenAndServe
to ListenAndServeTLS
Full example:
func run() error {
ctx := context.Background()
ctx, cancel := context.WithCancel(ctx)
defer cancel()
mux := runtime.NewServeMux()
// opts := []grpc.DialOption{grpc.WithInsecure()}
creds, err := credentials.NewClientTLSFromFile("tls.crt", "")
if err != nil {
return err
}
opts := []grpc.DialOption{grpc.WithTransportCredentials(creds)}
err = fw.RegisterUserServiceHandlerFromEndpoint(ctx, mux, *grpcTarget, opts)
if err != nil {
return err
}
return http.ListenAndServeTLS(*hostAddr, "tls.crt", "tls.key", mux)
}
PS: blog