Yes, the proxy supports this method. Without a proxy, connection and
messaging works well.
But if I use the http_proxy or grpc_proxy variable I get an error. If you
turn on the debug mode, then you see this error:
I0227 11:28:02.546379100 536 socket_utils_common_posix.cc:428]
Disabling AF_INET6 sockets because ::1 is not available.
I0227 11:28:02.642127500 536 http_connect_handshaker.cc:329] Connecting
to server tts.3i-vox.xyz:443 via HTTP proxy ipv4:10.34.199.42:3131
E0227 11:28:02.889812400 536 ssl_transport_security.cc:1455] Handshake
failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL
routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
D0227 11:28:02.889915100 536 security_handshaker.cc:182] Security
handshake failed:
{"created":"@1614425282.889896700","description":"Handshake
failed","file":"/tmp/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":305,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0227 11:28:02.890231900 536 subchannel.cc:1060] Connect
failed: {"created":"@1614425282.889896700","description":"Handshake
failed","file":"/tmp/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":305,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0227 11:28:02.909442500 536 http_connect_handshaker.cc:329] Connecting
to server tts.3i-vox.xyz:443 via HTTP proxy ipv4:10.34.199.43:3131
E0227 11:28:02.998743200 536 ssl_transport_security.cc:1455] Handshake
failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL
routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
D0227 11:28:02.998861300 536 security_handshaker.cc:182] Security
handshake failed:
{"created":"@1614425282.998834700","description":"Handshake
failed","file":"/tmp/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":305,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0227 11:28:02.999375500 536 subchannel.cc:1060] Connect
failed: {"created":"@1614425282.998834700","description":"Handshake
failed","file":"/tmp/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":305,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0227 11:28:03.018482300 536 http_connect_handshaker.cc:329] Connecting
to server tts.3i-vox.xyz:443 via HTTP proxy ipv4:10.34.199.44:3131
E0227 11:28:03.150566400 536 ssl_transport_security.cc:1455] Handshake
failed with fatal error SSL_ERROR_SSL: error:1000007d:SSL
routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED.
D0227 11:28:03.150632400 536 security_handshaker.cc:182] Security
handshake failed:
{"created":"@1614425283.150614800","description":"Handshake
failed","file":"/tmp/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":305,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0227 11:28:03.150838900 536 subchannel.cc:1060] Connect
failed: {"created":"@1614425283.150614800","description":"Handshake
failed","file":"/tmp/grpc/src/core/lib/security/transport/security_handshaker.cc","file_line":305,"tsi_code":10,"tsi_error":"TSI_PROTOCOL_FAILURE"}
I0227 11:28:03.151011500 536 subchannel.cc:999] Subchannel
0x55ad9c5eb750: Retry in 418 milliseconds
Help me.
пятница, 26 февраля 2021 г. в 22:20:35 UTC+3, Mark D. Roth:
> Are you connecting via an HTTP CONNECT proxy? If so, you should be able
> to do this simply by setting the $grpc_proxy environment variable to point
> at your proxy.
>
> Zhen (CC'ed) can check your SSL creds code to make sure it looks right.
>
> On Thu, Feb 25, 2021 at 8:04 AM Yuriy Hashev <[email protected]> wrote:
>
>> I wrote a simple client to work with some server. Everything works fine
>> with direct access.
>> But, if I declare the variable, I get the error "Handshake failed with
>> fatal error SSL_ERROR_SSL: error:1000007d:SSL
>> routines:OPENSSL_internal:CERTIFICATE_VERIFY_FAILED."
>>
>> This is my code for making connection
>>
>> string root = read_keycert("../roots.crt");
>> grpc::SslCredentialsOptions ssl_opts;
>> ssl_opts.pem_root_certs = root;
>> ssl_opts.pem_private_key = "";
>> ssl_opts.pem_cert_chain = "";
>>
>> channel_creds = grpc::SslCredentials(ssl_opts);
>> channel = grpc::CreateChannel(URL, channel_creds);
>> stub = vox::tts::TTS::NewStub(channel);
>>
>> I guess i need to make a connection with a parameter
>> GRPC_TLS_SKIP_ALL_SERVER_VERIFICATION. But I don't understand how.
>>
>> I need a small example. Thanks.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "grpc.io" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected].
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/grpc-io/85f4aee1-c21f-4b53-a6d9-d052323804d8n%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/grpc-io/85f4aee1-c21f-4b53-a6d9-d052323804d8n%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>>
>
>
> --
> Mark D. Roth <[email protected]>
> Software Engineer
> Google, Inc.
>
--
You received this message because you are subscribed to the Google Groups
"grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/grpc-io/61a522e1-b208-4fdb-bfba-b4ea288cbddfn%40googlegroups.com.
