
Mutual authentication in GRPC c++?


I would like to know how to use Mutual Authentication in GRPC C++.

My GRPC client is running on embedded hardware and has a self-signed certificate.

I'm creating an SslCredentialsOptions object that I use to create a secure channel:

grpc::SslCredentialsOptions ssl_options;
ssl_options.pem_cert_chain = cert_pem;  // std::string containing the test certificate PEM file

Do I need to pass the private key as well? I will not be able to access the private key since it's inside an ecc508 chip.

However, when I do pass a private key on a testing setup, the server still does not authenticate the client. I do this by:

ssl_options.pem_private_key = key_pem;  // std::string containing the test private key

GRPC simply says failed to connect to all addresses.

The test certificate I use is signed by the root-ca used in our grpc server.

Any ideas how to make this work? I thought the experience would be straightforward by just passing the parameters, but now I don't know what's going on. Any inputs would be appreciated.

Thanks!


Solution

  • gRPC wrapped languages support OpenSSL ENGINE for hardware-encrypted private keys. You just need to set ssl_options.pem_private_key = "engine:<engine_id>:<key_id>".
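
An added example, not from the original answer or from gRPC's own code: a small C++ helper that builds and validates the "engine:<engine_id>:<key_id>" string before it is assigned to ssl_options.pem_private_key, and flags configurations that still carry PEM key material. The helper names, the engine id "pkcs11" and the key id are assumptions for illustration, as is the rule that the first colon after the prefix ends the engine id.

```cpp
#include <stdexcept>
#include <string>

// Engine id and key id carried in an "engine:<engine_id>:<key_id>" string.
struct EngineKeyRef {
    std::string engine_id;
    std::string key_id;
};

static const std::string kEnginePrefix = "engine:";

// Build the reference string. The engine id must be non-empty and colon-free,
// because the first ':' after the prefix is taken as its end (assumption).
std::string make_engine_key_ref(const std::string& engine_id,
                                const std::string& key_id) {
    if (engine_id.empty() || engine_id.find(':') != std::string::npos)
        throw std::invalid_argument("engine id must be non-empty, without ':'");
    if (key_id.empty())
        throw std::invalid_argument("key id must be non-empty");
    return kEnginePrefix + engine_id + ":" + key_id;
}

// Split a reference string; returns false for anything else (e.g. a PEM key).
// The key id keeps any further colons, so PKCS#11-style URIs survive intact.
bool parse_engine_key_ref(const std::string& value, EngineKeyRef* out) {
    if (value.compare(0, kEnginePrefix.size(), kEnginePrefix) != 0)
        return false;
    const std::string::size_type start = kEnginePrefix.size();
    const std::string::size_type sep = value.find(':', start);
    if (sep == std::string::npos || sep == start || sep + 1 == value.size())
        return false;
    out->engine_id = value.substr(start, sep - start);
    out->key_id = value.substr(sep + 1);
    return true;
}

// True if the value looks like PEM private key material, which should not
// appear in the configuration of a client whose key lives in a secure element.
bool looks_like_pem_private_key(const std::string& value) {
    return value.find("-----BEGIN") != std::string::npos &&
           value.find("PRIVATE KEY-----") != std::string::npos;
}

// Intended use with the object from the question (constructed values):
//   ssl_options.pem_private_key =
//       make_engine_key_ref("pkcs11", "pkcs11:object=client-key;type=private");
```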