preface

.net Core3.0 is finally here as promised. There are many additions and changes in 3.0. Today we will look at the problems with using gRPC in 3.0. GRPC can now be very convenient and simple in. Net Core, which I tried today, but unfortunately ran into some obstacles. Let’s see what the problem is.

GRPC introduction

GRPC is Google open source a high-performance, cross-language RPC framework, based on HTTP2 protocol, using ProtoBuf defined IDL.

Advantages:

    1. Modern high-performance lightweight RPC framework
    2. Protocol-first API development, using protocol buffers by default, allows language-independent implementations
    3. Tools that can implement multiple languages
    4. Protobuf binary serialization, high performance/efficiency
    5. Based on the Http2.0

There are many articles about using gRPC in ASP.NET Core 3.0, and I read those articles to learn about it. You can also go to the search.

The deployment problem

Follow the step-by-step instructions in the article using gRPC in ASP.NET Core 3.0 to create the project and write the code. There’s a process that goes down that goes down. Start testing locally after you’ve written it. Run the server first. Running client. See the message return on the client. A success. The first time it worked, it was easier. There are two points to note because gRPC used in 3.0 is based on Http2.0. It requires HTTPS, and although HTTPS is not explicitly required, it is required in browser implementations for security, so HTTP/2 and HTTPS are pretty much a pair.

So when we run it locally we get a pop-up asking if we trust the certificate. And that’s where my question comes in. Everything is fine locally. I thought I’d try it on a server. As a result, the server is running, and the client is running incorrectly.

Unhandled exception. System.Net.Http.HttpRequestException: The SSL connection could not be established, see inner exception.

 ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.Copy the code

The solution

1, change HTTPS to HTTP

I was a little puzzled by this error. I first checked the environment and found that it was all right. I’m a little confused. Then look at the connection failure. I’m going to try to change HTTPS to HTTP. It turned out to be wrong. This method was abandoned. (After modification, SSL/TLS configurations on the client and server do not match. .net Core clients must be used in HTTPS server addresses to properly use secure connections.

2. Trust Certificate (available)

A closer look at the error shows that the certificate ends up being invalid. This is reminiscent of the popup that prompted us to trust the certificate the first time we ran it locally. That seems to be the relationship. Try to get down this way. Find out how to install ASP.NET Core HTTPS development certificate. Then we tried again, and sure enough it worked.

dotnet dev-certs https --trustCopy the code

3. Ignore invalid certificates (feasible)

A solution was found. Since the problem is caused by invalid certificates, is it ok to ignore invalid certificates? Then we switch servers and try again. Add code to ignore invalid certificates. And then try again and find that it works. However, it is important to note that the invalid certificate can be ignored during the development process and replaced by a valid certificate in the production environment

var httpClientHandler = new HttpClientHandler(); // Return `true` to certificates that are untrusted/gave httpClientHandler ServerCertificateCustomValidationCallback = HttpClientHandler.DangerousAcceptAnyServerCertificateValidator; var httpClient = new HttpClient(httpClientHandler); var channel = GrpcChannel.ForAddress("https://localhost:5001",new GrpcChannelOptions { HttpClient = httpClient });
            var client = new Greeter.GreeterClient(channel);Copy the code

conclusion

When we use gRPC in.net Core 3.0, we need to be careful to keep the CLIENT and server SSL/TLS configuration matching, based on HTTP2.0, using HTTPS for connection. The issue of certificates is resolved in the development environment, but in the production environment we still need to use valid certificates.

Ordinary life with ordinary heart to treat, your life will be more wonderful.

You are welcome to scan the qr code below and learn more about it!