I am trying to connect a service with python grpc client.
here are the sample codes.
ca_cert = open('ca.crt', 'rb').read()
credentials = grpc.ssl_channel_credentials(ca_cert)
channel = grpc.secure_channel("{}:{}".format(bootstrap_host, "40400"),
credentials)
stub = TransportLayerStub(channel)
result = stub.Send(request)
But I connect establish the tls connection with the service.
I enabled the debug log with
os.environ["GRPC_TRACE"] = "transport_security,tsi"
os.environ["GRPC_VERBOSITY"] = "DEBUG"
Here are the logs :
I0623 02:20:28.304114400 84 ev_epoll1_linux.cc:116] grpc epoll fd:
10
D0623 02:20:28.304158200 84 ev_posix.cc:169] Using polling
engine: epoll1
D0623 02:20:28.304206400 84 dns_resolver_ares.cc:440] Using ares dns
resolver
E0623 02:20:28.304241400 84 trace.cc:61] Unknown trace
var: 'transport_security'
I0623 02:20:28.304516800 84 socket_utils_common_posix.cc:346]
Disabling AF_INET6 sockets because ::1 is not available.
I0623 02:20:28.305339700 84 ssl_transport_security.cc:217]
HANDSHAKE START - TLS client start_connect - !!!!!!
I0623 02:20:28.305397900 84 ssl_transport_security.cc:217]
LOOP - TLS client enter_early_data - !!!!!!
I0623 02:20:28.305419700 84 ssl_transport_security.cc:217]
LOOP - TLS client read_server_hello - !!!!!!
I0623 02:20:28.307051900 84 ssl_transport_security.cc:217]
LOOP - TLS client read_server_certifi - !!!!!!
I0623 02:20:28.307186400 84 ssl_transport_security.cc:217]
LOOP - TLS client read_certificate_st - !!!!!!
I0623 02:20:28.307195600 84 ssl_transport_security.cc:217]
LOOP - TLS client verify_server_certi - !!!!!!
I0623 02:20:28.307214700 84 ssl_transport_security.cc:217]
LOOP - TLS client read_server_key_exc - !!!!!!
I0623 02:20:28.307535300 84 ssl_transport_security.cc:217]
LOOP - TLS client read_certificate_re - !!!!!!
I0623 02:20:28.307586300 84 ssl_transport_security.cc:217]
LOOP - TLS client read_server_hello_d - !!!!!!
I0623 02:20:28.307592700 84 ssl_transport_security.cc:217]
LOOP - TLS client send_client_certifi - !!!!!!
I0623 02:20:28.307597600 84 ssl_transport_security.cc:217]
LOOP - TLS client send_client_key_exc - !!!!!!
I0623 02:20:28.308000100 84 ssl_transport_security.cc:217]
LOOP - TLS client send_client_certifi - !!!!!!
I0623 02:20:28.308029000 84 ssl_transport_security.cc:217]
LOOP - TLS client send_client_finishe - !!!!!!
I0623 02:20:28.308057400 84 ssl_transport_security.cc:217]
LOOP - TLS client finish_flight - !!!!!!
I0623 02:20:28.308063300 84 ssl_transport_security.cc:217]
LOOP - TLS client read_session_ticket - !!!!!!
I0623 02:20:28.308067000 84 ssl_transport_security.cc:217]
LOOP - TLS client process_change_ciph - !!!!!!
E0623 02:20:28.308849100 84 ssl_transport_security.cc:1238] Handshake
failed with fatal error SSL_ERROR_SSL: error:10000410:SSL
routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE.
D0623 02:20:28.308929200 84 security_handshaker.cc:176] Security
handshake failed:
{"created":"@1561256428.308918500","description":"Handshake
failed","file":"src/core/lib/security/transport/security_handshaker.cc","file_line":291,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0623 02:20:28.309033400 84 subchannel.cc:960] Connect
failed: {"created":"@1561256428.308918500","description":"Handshake
failed","file":"src/core/lib/security/transport/security_handshaker.cc","file_line":291,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0623 02:20:28.309058700 84 subchannel.cc:897] Subchannel
0x5580c0c6c860: Retry in 996 milliseconds
Are there anyways I can use to get what is wrong with "client
process_change_ciph"?
--
You received this message because you are subscribed to the Google Groups
"grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/grpc-io/e3745d54-c344-4953-97f4-1a2ef0209fb7%40googlegroups.com.
