2024/04/12 16:09:36 rpc error: code = Unavailable desc = connection error: desc = "transport: authentication handshake failed: tls: failed to verify certificate: x509: cannot validate certificate for 0.0.0.0 because it doesn't contain any IP SANs"
This is because the certificates were created without a config file.
Recreated the certificates with the following config file:
zzh@ZZHPC:/zdata/Github/grpc-go/server$ cat server-ext.cnf subjectAltName=DNS:*.microservices.dev,DNS:*.microservices.dev,IP:0.0.0.0
The above error disappeared, but got new error:
2024/04/12 16:30:28 rpc error: code = Unavailable desc = connection error: desc = "transport: authentication handshake failed: tls: failed to verify certificate: x509: certificate signed by unknown authority (possibly because of \"crypto/rsa: verification error\" while trying to verify candidate authority certificate \"*.ZhangZhihuiAAA.dev\")"
Changed the server-ext.cnf to below:
zzh@ZZHPC:/zdata/Github/grpc-go/server$ cat server-ext.cnf subjectAltName=DNS:*.ZhangZhihuiAAA.dev,DNS:*.ZhangZhihuiAAA.dev,IP:0.0.0.0
Recreated the certificates, but still got the same error.
Cheched the client code, found that it used the "client/client.crt" file.
Updated the code and let it use "./ca.crt":
creds, err := credentials.NewClientTLSFromFile("./ca.crt", "0.0.0.0")
The error disappeared.
标签:code,certificate,GRPC,0.0,dev,server,error From: https://www.cnblogs.com/zhangzhihui/p/18131687