mirror of
https://github.com/go-kratos/kratos.git
synced 2026-05-22 10:15:24 +02:00
feat(transport): add transport tls config (#1267)
* add http tls config * add grpc tls config * add examples tls * fix resolver parseTarget * support https for discovery * add isSecure * clean code Co-authored-by: longXboy <longxboyhi@gmail.com> Co-authored-by: 包子 <baozhecheng@foxmail.com>
This commit is contained in:
Tony Chen
GitHub
@@ -0,0 +1,10 @@
|
||||
# Run the example
|
||||
|
||||
1、Compile and execute the server code:
|
||||
```shell
|
||||
$ go run server/main.go
|
||||
```
|
||||
2、From a different terminal, compile and execute the client code:
|
||||
```shell
|
||||
$ go run client/main.go
|
||||
```
|
||||
@@ -0,0 +1,64 @@
|
||||
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFZTCCA02gAwIBAgIBATANBgkqhkiG9w0BAQUFADB8MQswCQYDVQQGEwJDTjEL
|
||||
MAkGA1UECAwCU0gxCzAJBgNVBAcMAlNIMQ8wDQYDVQQKDAZrcmF0b3MxCzAJBgNV
|
||||
BAsMAklUMRMwEQYDVQQDDAprcmF0b3MuY29tMSAwHgYJKoZIhvcNAQkBFhFrcmF0
|
||||
b3NAa3JhdG9zLmNvbTAeFw0yMTA3MjcxNTM1MjJaFw0yMjA3MjcxNTM1MjJaME0x
|
||||
CzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTSDELMAkGA1UEBwwCU0gxDzANBgNVBAoM
|
||||
BmtyYXRvczETMBEGA1UEAwwKa3JhdG9zLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQAD
|
||||
ggIPADCCAgoCggIBALfEWAuPqUHTwTiOT8dtiCM3aEm1D7I6K/PY2mSDMMOI4f5z
|
||||
TYi7LsKLLItMQR44cEDein/kl0U0QNYJRHqVCr/3IXA4ds0maiq+npY/S2KABDiI
|
||||
Z38TZ1PZ2bcD3Jb0o1gw0GcSokOGzVtuNKSiASc3D711AepGerChD5UrbixrZdg2
|
||||
wAeWZj39Tl93+zCcldVrCHMSM7LmDluHJ5KZ8T6auuK6ypQPVhqLz8VseHhB/IRw
|
||||
s9/o9OlJ3kv4wB/CWlFIvU6ZGVnshZAGOk3Brq25kw600RRDr2MpxNhFY1Xvrt7D
|
||||
tAJ7fK3/3VaV+I2C4OzzmztK7T1WlL8XqZj6I3t1ZCZryMvDIUPzC4mgiRqEJiF7
|
||||
VzuVm1sjyTKkD4oX6ZjJYXJ/6pbvd8+AexuwVAsQJKqaF1iQC9jThg55RUTkGo8F
|
||||
DFErW7XHKHe8vKXuRLG5k3xZBiHK7gsVyHzx0ouuSuZMFHg7L9ACeeqtqxqKNd+0
|
||||
fIo4N0vNb3GEj+YaTLoadhDSBEsynyQNTfrDf+oFRmQUg3q0W4VJHJFhkmTHRRcq
|
||||
Qj6xEAJDHC1xr8yr3jif9BKWG2+zEbvpiTcRXKhycv2OUI11dK72aMnOycusJjRe
|
||||
8pOqcYhSVQZnz31WWlkmX9TRiQtEeUUkFCYAnIArSKm5rNwOddLCzC8Z4js1AgMB
|
||||
AAGjITAfMB0GA1UdEQQWMBSCDCoua3JhdG9zLmNvbYcEfwAAATANBgkqhkiG9w0B
|
||||
AQUFAAOCAgEAjr3SXzNOcN8+JQuroS6hKHadrcp6djepd3r5YKSEjKBNxVAU0gj6
|
||||
QGl0zjSqhxSFwN4wCqXU/4JJVOyAJCV+t992j5wNdaGI+Tcu4whK2LtPi0O68ttq
|
||||
Nn5H/8bmotW0IZ/YDcq1V8EVWiTZPECk4QLx26S2sjG4HOKNUAs8o+PoUmQE5bKJ
|
||||
XBFWmjsOfPnI0WBGnuCvGUw5wP1ipLiuK+OhoTNKA6SXPopm5KMDv7gjYPlcmPyI
|
||||
sJcpve75m9EXQxrDvJtvws8MIZnkWvWi7bW6uQ7274S7YjMZL09/sQTolQOtwl59
|
||||
pvEbkQNPzgdvQYAfrlJjSBtbq3OtHF+j+p2K+7R0TY2F1OW3LeV8vkcq7IOt38Er
|
||||
FK5feNEL3t9GlrF8ASmJp/JvhWQiJo5tZJxWZ68CjKfLmVd406ehsK5XNlHJemnl
|
||||
hNpuAegeV6WDglvMNavvQCJfK5mKokn73HujtQveZ8vwPKV4f6Wg3sHJ2yyP7ou2
|
||||
2UZ10Qbp6UvFYfYuMvLuq8kznapWqQ0dIJzPDs+CzVtjk1eINUF9UjsSvqX4oCvy
|
||||
+ZvaM9k4kU/fJMRkLstc/Dx2G13T/moI/l5sw0qFtck12zs/SQ7xgcW3b0ruGX9S
|
||||
11opfl5R86GpXXbz+vNL9fWP+8cIvoGZK8RAC872bcMPEoJPjPIwAbI=
|
||||
-----END CERTIFICATE-----
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIFdDCCA1wCCQDHq+cGa349DzANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJD
|
||||
TjELMAkGA1UECAwCU0gxCzAJBgNVBAcMAlNIMQ8wDQYDVQQKDAZrcmF0b3MxCzAJ
|
||||
BgNVBAsMAklUMRMwEQYDVQQDDAprcmF0b3MuY29tMSAwHgYJKoZIhvcNAQkBFhFr
|
||||
cmF0b3NAa3JhdG9zLmNvbTAeFw0yMTA3MjcxNTMwMzlaFw0zMTA3MjUxNTMwMzla
|
||||
MHwxCzAJBgNVBAYTAkNOMQswCQYDVQQIDAJTSDELMAkGA1UEBwwCU0gxDzANBgNV
|
||||
BAoMBmtyYXRvczELMAkGA1UECwwCSVQxEzARBgNVBAMMCmtyYXRvcy5jb20xIDAe
|
||||
BgkqhkiG9w0BCQEWEWtyYXRvc0BrcmF0b3MuY29tMIICIjANBgkqhkiG9w0BAQEF
|
||||
AAOCAg8AMIICCgKCAgEApy2GV9MiECuelNk3fz1Qwh6+wj8Ip11NG+LxEGK4/MLD
|
||||
JRJtbgAg/7s3vzrm4WDKATDO27W6wewNFOvEnGWyh9wyjAtSgnAcJreq7F2DMbpO
|
||||
+E2guIQHSCCzfa10s4BgwXKdBRPPvwTADIHXPtlbq4BItJqzt/AhLQbdDAp93mHX
|
||||
NCzFdlIr4wflT2OW7EO24K2LgMZLWCzaESei9fL6AYm7jEvfaFYZksI3rjJNAj1q
|
||||
wccMu1o6TvdWRA5fvBi6h15Z0ekR8C2LbM1A54zziZwd+YjcwdQHJJgWJFH7yNSt
|
||||
Oe/AJZzP1nRk/5H0EvxBnF7du6vfeSjZJytp8cXMlbYg4NGGkSy782tBaUaDIb43
|
||||
iLqSjfHVZDLzbDGNy/u/mzfo4xS8lxZ92zE7z21d0WyUAJ75Z72v4kaNTr2tnMuE
|
||||
NTTG1787e3NB0CaV6gjeP8XbMV8gwNTrJmTW3dS+DT6sKtTIISOvsUCZ6h5qFvKU
|
||||
RWqJ7MiaSxg31DPg51caYDjiVLkkES8GRpPM/Njsg9WpFTQeqcecKbbOdw0ihvoV
|
||||
fq0FgHpp+jbjm0KkmcNdSX7Ld5XeHp2rBPkA283IdXIAvjjthlyWJTmSP6kDDdEI
|
||||
km4Did1Bg0wcXNnFlbHHavCfeRTQbVoIYVkWH7I323Vp8itvKobz1GirSOK0Hr0C
|
||||
AwEAATANBgkqhkiG9w0BAQsFAAOCAgEAFBYIOOyABIbUUOjjjvx2FSDRBNLpee5O
|
||||
45KmznuCGerhR7ad3rUNhaakA9HJzmLMUXtmyzy6+ej0HzdqZE7RRzdDVftBGaOf
|
||||
thwEzUAiHfqeX0o039sTQvJSqUY2sBko+tyDRmeNtmd3TPE5VZZSWG+TUtrOofr7
|
||||
K28UquMthJrmtSC8IJQOvA78Nc/FCPNaGZrcS8ZvrgbrkCLPN4dIJvY9I38xaWQ+
|
||||
G0gNQazxPzdp89/UMzkczyJAKjYj4JyLCbrjzTZXjtu+rYJezxyS+3QSf0F0xVBr
|
||||
/8HCeXX6xG16WZY54Z6AijqI3sjiRBSQ25rLJJ00sWa9k1oH0Poyiv4pQG3RHgIs
|
||||
jJEQh7RQE5zAsBx2NHZ8FcsUGX2oOjSS+vtX//Bg37kN7oYx5HEtK9c+a0wWUxo8
|
||||
8cqIzqrQSWOd1CipxbE5CUUNKdGQzNCLTfLO68KitLdaSOCGoU/PaoAncbr6EjdB
|
||||
kzqJcHooqq8asl6fu1DVnYqCpEEp30ldU3p4MdclcMV0XZUq6bXFq1ylmfZXfC0t
|
||||
zSGnBUjxB5lohn5fs1S/DxyoUR8LbIFVWCljEf4jJtMRnCQV3bR3xeVTbGh3ti81
|
||||
21uhQKjIP/X2BRNAvRo1qUbrzEeHAJG3EbIG78rRFvSz6MkWVTZzeH1SgCr9Onw7
|
||||
djovWE7E6ic=
|
||||
-----END CERTIFICATE-----
|
||||
@@ -0,0 +1,51 @@
|
||||
-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIJKwIBAAKCAgEAt8RYC4+pQdPBOI5Px22IIzdoSbUPsjor89jaZIMww4jh/nNN
|
||||
iLsuwossi0xBHjhwQN6Kf+SXRTRA1glEepUKv/chcDh2zSZqKr6elj9LYoAEOIhn
|
||||
fxNnU9nZtwPclvSjWDDQZxKiQ4bNW240pKIBJzcPvXUB6kZ6sKEPlStuLGtl2DbA
|
||||
B5ZmPf1OX3f7MJyV1WsIcxIzsuYOW4cnkpnxPpq64rrKlA9WGovPxWx4eEH8hHCz
|
||||
3+j06UneS/jAH8JaUUi9TpkZWeyFkAY6TcGurbmTDrTRFEOvYynE2EVjVe+u3sO0
|
||||
Ant8rf/dVpX4jYLg7PObO0rtPVaUvxepmPoje3VkJmvIy8MhQ/MLiaCJGoQmIXtX
|
||||
O5WbWyPJMqQPihfpmMlhcn/qlu93z4B7G7BUCxAkqpoXWJAL2NOGDnlFROQajwUM
|
||||
UStbtccod7y8pe5EsbmTfFkGIcruCxXIfPHSi65K5kwUeDsv0AJ56q2rGoo137R8
|
||||
ijg3S81vcYSP5hpMuhp2ENIESzKfJA1N+sN/6gVGZBSDerRbhUkckWGSZMdFFypC
|
||||
PrEQAkMcLXGvzKveOJ/0EpYbb7MRu+mJNxFcqHJy/Y5QjXV0rvZoyc7Jy6wmNF7y
|
||||
k6pxiFJVBmfPfVZaWSZf1NGJC0R5RSQUJgCcgCtIqbms3A510sLMLxniOzUCAwEA
|
||||
AQKCAgEAhJuO3WjhvrrLp8AqGcMUhjUpcGbT2MzZgrFthzKUMcXJLxCNVqmcaI59
|
||||
qldwdhpMBsOQNhIChtHaJ5mwbLS4eSYgXxafxBKAci/zyIAMKhwu74yfArhBy+Rc
|
||||
kxCaUeRfKviuqnJr3UadUekI2/R72IyHMzQIGcKaLnNLB127txoY+BkqIU+KoBj2
|
||||
QTYXcVDNXqBKDJ+J5wLUQYAaMlQcHg0R5yLbpFQc0jMpz1Ei7cTQL9IUOvOkJ+RC
|
||||
IZhzK3fYLOfMk7cu8BEZoICd+hZVss9DK02XwoPFQE2X2mjX8d9v1RhsAY6Svgzw
|
||||
79Zw8c0L+nEgB31eDPE5jVvJ6rY2e1riojtnwoU6d7mjjpznRxN83kRo1HP5ZeU8
|
||||
GB+HMaXzS2iRyNF01kqBgbFnlT5eJHU6XvxqXxuCtauf1xVMZ56TBvyEw1CaQ6aM
|
||||
oYJl3bBxy2vdeH1+ah4wti8XkGCBJPVPehFrZ1Ohi1YFNXAcl0xAv9KbNtD+HCJB
|
||||
CJITsXdEfqJT9ToPLDWJiGcb8c0AyVcrQGHdzGXJ/ySsRyPa0MNAKgD2ZIUtlE2+
|
||||
RqHK9vCCw3mr8KwBmPI4JCgCujse2aK44dxXEWouKCzF+cyDjTKR1Vf/sgrfKOPv
|
||||
TCG6VmCW4m4X5RqRBvM1NzCCnS2YH0NR7n1aQBzm4kI0Hxt6qAECggEBAOczyO7J
|
||||
ZCm2fI+N/PUGuY+RwJ5qcjRTR2jPd87AbsxiCKqh2xLAhO+i8xPr8H8ec50tDnzY
|
||||
fBjBGuCo1fGIZVpn0fIXwCuO7GaAgrTI/nfn+T7gtDyIuVH8JgpIs6pKyUfWMI5l
|
||||
+LASymApoa5I47lTnLK8pgobDbBoG50GNEkUYVhni+2rdHiKeUPe9HoheIipHVat
|
||||
GnRCVTcLyRJjfSvvRYGhGtbF/sHpd2Nz3FSjd7KXalvpgWc+5t2ZDggKqxqvr8HY
|
||||
2YHVjsnxcB5UeKFzaSobuN3XnD8+Xb7QIL5LIQgzAuzTs/euBAEZh8SRlQe5bpy+
|
||||
WQOOTQpP0HR7cbUCggEBAMt6G7fLsAWybCpJsJxoOO0cFotBfMSzZkGZ7k3ESOOz
|
||||
HvEvRMg6B5wOkH5v/wKYKT19yl750DNK6KgndAwgDy3rcEY69dQYonwhwNpw767r
|
||||
/1Fm3YgLeUABLfNeW3pn7AZsfDn7XH4uloPCOYI93MeHlGytBix7OhsNS+JRcX4g
|
||||
xzyNwLqp1ExFOUIaNLn+CGJ/fBDtv6eKxdl9euZwP88JcW2PB8V9u+cgBdhwrk2F
|
||||
FmNZyUqS6H6HQFtNJYTHNpsRSzclPWr+y9eY/BfBjedub8dbiAzhs8LBhR9cCOPy
|
||||
A9fKiucJCsy3n8Vzfv0RzKen/eeY2Ig2zCap4Gm3k4ECggEBAIFXGAZ1xcIMI7zP
|
||||
av7MZ0yo9j/pPsCFAkLhJZ4VSyathTmn2H2yE+xXlXLEoEMNDxKT3TH8jdfvV5Dt
|
||||
AtrfOgwMXof3v3retuNU60ol0y3TKT2CyXG/7yStUb6ZE2Gl+tpkOb+/zhL6QBrx
|
||||
z1BH2JWZ7+SR4rVukwboBuKeUOu9KgQh0UcBjuPMW7CbbttQFDUnnpEZv93gKfnk
|
||||
bvUJkUHd1l2BehlCpJVofXC2pUD4PgM777VBeTIAH3lCoXXgOf5w4HsqS+v1Q683
|
||||
kUh2axGvFdsHrTD16KP8yMbxeg/aybzjhLRmbpyVzgmrdaeC5gNvOjEXz4ZMuk6V
|
||||
fgFb+a0CggEBAK9vS6CvPMfcqwfW2zAvaA1/byyHvQR3TQ34ow9n0hSIZoA6agpc
|
||||
hh0WLZzmAS+Cc+QxpZ83sjvXNTtuMM8XgR7tZLMYuMUyrD1seLOeNflSPqM3ln9q
|
||||
rRLzMWQokaS7HzP2qzDuuTOOBXX6qszRe56JFf6RO8Z0RIf4cdnisIC30DA0Y9xM
|
||||
+t77vD9zCszl6uLJ2fValyjkLGu1lZZDZ7ChCqwUavXqz2yaHpAbrxzlR4VHb5cd
|
||||
jNky0dkmbdfKTxlp0rjsIcUzhBsSKyBsYGYOwM9Y6rd4jh237og4OO4Xxxpx5ksG
|
||||
b8pL87QxPWcCxroyzGa3UNI4tNING5Dql4ECggEBAOFV45WtMi8LC66suRUnVWaG
|
||||
CqO6x5kFYsQgK/bSrCRgRJUPBlVEMUJim5Ql8haVkoYU6n5j6FXSMKJkRVctDhXk
|
||||
Cj/6GH2zEZ1xgZr6GxRPU4YbU6iRWHdZfGzWB6fqpfTsRFUHsJVCzB3aXffCmX0L
|
||||
+yqEMoX3B+R+EdTv3SF79K5a3bAA6VQtpnwHQ83PTK7MTTDepSdM+ft+6D++iGYS
|
||||
GU5+HGahjSg+iZti9feaOUIT5OfcXjoYUT3B6+rhgTQO2OMpq3QtSJhK7ZnP6HnZ
|
||||
URRaawDhyJSqOO8Z5Z/bdaMSJHWcR1huaHF7yGoPHR06xBzaX82tsHiZbZx5pg8=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
@@ -0,0 +1,63 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
|
||||
pb "github.com/go-kratos/kratos/examples/helloworld/helloworld"
|
||||
"github.com/go-kratos/kratos/v2/transport/grpc"
|
||||
"github.com/go-kratos/kratos/v2/transport/http"
|
||||
)
|
||||
|
||||
func main() {
|
||||
b, err := ioutil.ReadFile("../cert/server.crt")
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
cp := x509.NewCertPool()
|
||||
if !cp.AppendCertsFromPEM(b) {
|
||||
panic(err)
|
||||
}
|
||||
tlsConf := &tls.Config{ServerName: "www.kratos.com", RootCAs: cp}
|
||||
callHTTP(tlsConf)
|
||||
callGRPC(tlsConf)
|
||||
}
|
||||
|
||||
func callHTTP(tlsConf *tls.Config) {
|
||||
conn, err := http.NewClient(
|
||||
context.Background(),
|
||||
http.WithEndpoint("https://127.0.0.1:8000"),
|
||||
http.WithTLSConfig(tlsConf),
|
||||
)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
defer conn.Close()
|
||||
client := pb.NewGreeterHTTPClient(conn)
|
||||
reply, err := client.SayHello(context.Background(), &pb.HelloRequest{Name: "kratos"})
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
log.Printf("[http] SayHello %s\n", reply.Message)
|
||||
}
|
||||
|
||||
func callGRPC(tlsConf *tls.Config) {
|
||||
conn, err := grpc.Dial(
|
||||
context.Background(),
|
||||
grpc.WithEndpoint("127.0.0.1:9000"),
|
||||
grpc.WithTLSConfig(tlsConf),
|
||||
)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
defer conn.Close()
|
||||
client := pb.NewGreeterClient(conn)
|
||||
reply, err := client.SayHello(context.Background(), &pb.HelloRequest{Name: "kratos"})
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
log.Printf("[grpc] SayHello %+v\n", reply)
|
||||
}
|
||||
@@ -0,0 +1,63 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"fmt"
|
||||
"log"
|
||||
|
||||
"github.com/go-kratos/kratos/examples/helloworld/helloworld"
|
||||
"github.com/go-kratos/kratos/v2"
|
||||
"github.com/go-kratos/kratos/v2/transport/grpc"
|
||||
"github.com/go-kratos/kratos/v2/transport/http"
|
||||
)
|
||||
|
||||
// go build -ldflags "-X main.Version=x.y.z"
|
||||
var (
|
||||
// Name is the name of the compiled software.
|
||||
Name = "helloworld"
|
||||
// Version is the version of the compiled software.
|
||||
Version = "v1.0.0"
|
||||
)
|
||||
|
||||
// server is used to implement helloworld.GreeterServer.
|
||||
type server struct {
|
||||
helloworld.UnimplementedGreeterServer
|
||||
}
|
||||
|
||||
// SayHello implements helloworld.GreeterServer
|
||||
func (s *server) SayHello(ctx context.Context, in *helloworld.HelloRequest) (*helloworld.HelloReply, error) {
|
||||
return &helloworld.HelloReply{Message: fmt.Sprintf("Hello %+v", in.Name)}, nil
|
||||
}
|
||||
|
||||
func main() {
|
||||
cert, err := tls.LoadX509KeyPair("../cert/server.crt", "../cert/server.key")
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
tlsConf := &tls.Config{Certificates: []tls.Certificate{cert}}
|
||||
|
||||
s := &server{}
|
||||
httpSrv := http.NewServer(
|
||||
http.Address(":8000"),
|
||||
http.TLSConfig(tlsConf),
|
||||
)
|
||||
grpcSrv := grpc.NewServer(
|
||||
grpc.Address(":9000"),
|
||||
grpc.TLSConfig(tlsConf),
|
||||
)
|
||||
helloworld.RegisterGreeterServer(grpcSrv, s)
|
||||
helloworld.RegisterGreeterHTTPServer(httpSrv, s)
|
||||
|
||||
app := kratos.New(
|
||||
kratos.Name(Name),
|
||||
kratos.Server(
|
||||
httpSrv,
|
||||
grpcSrv,
|
||||
),
|
||||
)
|
||||
|
||||
if err := app.Run(); err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user