Why I can't use default root certificates when I create a channel with client certificates and key? #362
Closed
4 tasks done
Comments
|
I would create a pull request, but I can't predict which way is more appropriate. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Question Checklist
Question Subject
The question consists of two parts.
address:secure:arguments:initializer. Is this intentional and if it is, what reason for?In SwiftGRPC there is only a function that returns regular "roots.pem" content. This function is internal so I have no access to default root certificates and could not use them to pass them into an
address:certificates:clientCertificates:clientKey:args:initializer. Is this intentional and if it is, what reason for?Question Description
As for now the only decision that allows me to create a channel with default root certificates is to download "roots.pem" and put it into my app, while I know that SwiftGRPC framework already contains it.
To be honest, I'm not very familiar with GRPC properly usage, and my expectations are mostly based on other GRPC frameworks knowledge. The question may be dumb and I apologize in advance.
Update: I've discovered that grpc-swift project also have "roots.pem" file which does not included as a resource into a pod.
It looks weird for me that "roos.pem" used by a grpc undercover, grpc-swift uses
roots_pem()method in swift, and a pod user has no access to any of this file and no ability to the use default root certificates with his own client certificates and key.In my opinion either "roots.pem" should be added to pod resources in a podspec, or roots_pem() must be a public, or Channel initializer should have a parameter to use default root certificates. The third way allows to keep private
roots_pem()method and does not include "roots.pem" as a resourse of SwiftGRPC pod.The text was updated successfully, but these errors were encountered: