1*e07d83d3SAndroid Build Coastguard WorkerHello World Example with TLS 2*e07d83d3SAndroid Build Coastguard Worker============================================== 3*e07d83d3SAndroid Build Coastguard Worker 4*e07d83d3SAndroid Build Coastguard WorkerThe example require grpc-java to already be built. You are strongly encouraged 5*e07d83d3SAndroid Build Coastguard Workerto **check out a git release tag**, since there will already be a build of grpc 6*e07d83d3SAndroid Build Coastguard Workeravailable: 7*e07d83d3SAndroid Build Coastguard Worker``` 8*e07d83d3SAndroid Build Coastguard Workergit checkout v<major>.<minor>.<patch> 9*e07d83d3SAndroid Build Coastguard Worker``` 10*e07d83d3SAndroid Build Coastguard Worker 11*e07d83d3SAndroid Build Coastguard WorkerOtherwise you must follow [COMPILING](../COMPILING.md). 12*e07d83d3SAndroid Build Coastguard Worker 13*e07d83d3SAndroid Build Coastguard WorkerTo build the example, 14*e07d83d3SAndroid Build Coastguard Worker 15*e07d83d3SAndroid Build Coastguard Worker1. **[Install gRPC Java library SNAPSHOT locally, including code generation plugin](../../COMPILING.md) (Only need this step for non-released versions, e.g. master HEAD).** 16*e07d83d3SAndroid Build Coastguard Worker 17*e07d83d3SAndroid Build Coastguard Worker2. Run in this directory: 18*e07d83d3SAndroid Build Coastguard Worker``` 19*e07d83d3SAndroid Build Coastguard Worker$ ../gradlew installDist 20*e07d83d3SAndroid Build Coastguard Worker``` 21*e07d83d3SAndroid Build Coastguard Worker 22*e07d83d3SAndroid Build Coastguard WorkerThis creates the scripts `hello-world-tls-server`, `hello-world-tls-client`, 23*e07d83d3SAndroid Build Coastguard Workerin the 24*e07d83d3SAndroid Build Coastguard Worker`build/install/example-tls/bin/` directory that run the example. The 25*e07d83d3SAndroid Build Coastguard Workerexample requires the server to be running before starting the client. 26*e07d83d3SAndroid Build Coastguard Worker 27*e07d83d3SAndroid Build Coastguard WorkerRunning the hello world with TLS is the same as the normal hello world, but takes additional args: 28*e07d83d3SAndroid Build Coastguard Worker 29*e07d83d3SAndroid Build Coastguard Worker**hello-world-tls-server**: 30*e07d83d3SAndroid Build Coastguard Worker 31*e07d83d3SAndroid Build Coastguard Worker```text 32*e07d83d3SAndroid Build Coastguard WorkerUSAGE: HelloWorldServerTls port certChainFilePath privateKeyFilePath [trustCertCollectionFilePath] 33*e07d83d3SAndroid Build Coastguard Worker Note: You only need to supply trustCertCollectionFilePath if you want to enable Mutual TLS. 34*e07d83d3SAndroid Build Coastguard Worker``` 35*e07d83d3SAndroid Build Coastguard Worker 36*e07d83d3SAndroid Build Coastguard Worker**hello-world-tls-client**: 37*e07d83d3SAndroid Build Coastguard Worker 38*e07d83d3SAndroid Build Coastguard Worker```text 39*e07d83d3SAndroid Build Coastguard WorkerUSAGE: HelloWorldClientTls host port [trustCertCollectionFilePath [clientCertChainFilePath clientPrivateKeyFilePath]] 40*e07d83d3SAndroid Build Coastguard Worker Note: clientCertChainFilePath and clientPrivateKeyFilePath are only needed if mutual auth is desired. 41*e07d83d3SAndroid Build Coastguard Worker``` 42*e07d83d3SAndroid Build Coastguard Worker- Note `trustCertCollectionFilePath` is not needed if you are using system default certificate authority. 43*e07d83d3SAndroid Build Coastguard Worker 44*e07d83d3SAndroid Build Coastguard WorkerYou can run this example with our [test credentials](../../testing/src/main/resources/certs) with 45*e07d83d3SAndroid Build Coastguard Worker`.overrideAuthority("foo.test.google.fr")` for `ManagedChannelBuilder` to match the Subject Alternative Names 46*e07d83d3SAndroid Build Coastguard Workerin the test certificates. You can generate your own self-signed certificates with commands in the test certs 47*e07d83d3SAndroid Build Coastguard Worker[README](../../testing/src/main/resources/certs/README). 48*e07d83d3SAndroid Build Coastguard Worker 49*e07d83d3SAndroid Build Coastguard Worker- Note you can use system default certificate authority if you are using a real server certificate. 50*e07d83d3SAndroid Build Coastguard Worker 51*e07d83d3SAndroid Build Coastguard Worker#### Hello world example with TLS (no mutual auth): 52*e07d83d3SAndroid Build Coastguard Worker 53*e07d83d3SAndroid Build Coastguard Worker```bash 54*e07d83d3SAndroid Build Coastguard Worker# Run the server: 55*e07d83d3SAndroid Build Coastguard Worker./build/install/example-tls/bin/hello-world-tls-server 50440 ../../testing/src/main/resources/certs/server1.pem ../../testing/src/main/resources/certs/server1.key 56*e07d83d3SAndroid Build Coastguard Worker# In another terminal run the client 57*e07d83d3SAndroid Build Coastguard Worker./build/install/example-tls/bin/hello-world-tls-client localhost 50440 ../../testing/src/main/resources/certs/ca.pem 58*e07d83d3SAndroid Build Coastguard Worker``` 59*e07d83d3SAndroid Build Coastguard Worker 60*e07d83d3SAndroid Build Coastguard Worker#### Hello world example with TLS with mutual auth: 61*e07d83d3SAndroid Build Coastguard Worker 62*e07d83d3SAndroid Build Coastguard Worker```bash 63*e07d83d3SAndroid Build Coastguard Worker# Run the server: 64*e07d83d3SAndroid Build Coastguard Worker./build/install/example-tls/bin/hello-world-tls-server 50440 ../../testing/src/main/resources/certs/server1.pem ../../testing/src/main/resources/certs/server1.key ../../testing/src/main/resources/certs/ca.pem 65*e07d83d3SAndroid Build Coastguard Worker# In another terminal run the client 66*e07d83d3SAndroid Build Coastguard Worker./build/install/example-tls/bin/hello-world-tls-client localhost 50440 ../../testing/src/main/resources/certs/ca.pem ../../testing/src/main/resources/certs/client.pem ../../testing/src/main/resources/certs/client.key 67*e07d83d3SAndroid Build Coastguard Worker``` 68*e07d83d3SAndroid Build Coastguard Worker 69*e07d83d3SAndroid Build Coastguard WorkerThat's it! 70*e07d83d3SAndroid Build Coastguard Worker 71*e07d83d3SAndroid Build Coastguard Worker## Maven 72*e07d83d3SAndroid Build Coastguard Worker 73*e07d83d3SAndroid Build Coastguard WorkerIf you prefer to use Maven: 74*e07d83d3SAndroid Build Coastguard Worker 75*e07d83d3SAndroid Build Coastguard Worker1. **[Install gRPC Java library SNAPSHOT locally, including code generation plugin](../../COMPILING.md) (Only need this step for non-released versions, e.g. master HEAD).** 76*e07d83d3SAndroid Build Coastguard Worker 77*e07d83d3SAndroid Build Coastguard Worker2. Run in this directory: 78*e07d83d3SAndroid Build Coastguard Worker``` 79*e07d83d3SAndroid Build Coastguard Worker$ mvn verify 80*e07d83d3SAndroid Build Coastguard Worker$ # Run the server 81*e07d83d3SAndroid Build Coastguard Worker$ mvn exec:java -Dexec.mainClass=io.grpc.examples.helloworldtls.HelloWorldServerTls -Dexec.args="50440 ../../testing/src/main/resources/certs/server1.pem ../../testing/src/main/resources/certs/server1.key" 82*e07d83d3SAndroid Build Coastguard Worker$ # In another terminal run the client 83*e07d83d3SAndroid Build Coastguard Worker$ mvn exec:java -Dexec.mainClass=io.grpc.examples.helloworldtls.HelloWorldClientTls -Dexec.args="localhost 50440 ../../testing/src/main/resources/certs/ca.pem" 84*e07d83d3SAndroid Build Coastguard Worker``` 85*e07d83d3SAndroid Build Coastguard Worker 86*e07d83d3SAndroid Build Coastguard Worker## Bazel 87*e07d83d3SAndroid Build Coastguard Worker 88*e07d83d3SAndroid Build Coastguard WorkerIf you prefer to use Bazel: 89*e07d83d3SAndroid Build Coastguard Worker``` 90*e07d83d3SAndroid Build Coastguard Worker$ bazel build :hello-world-tls-server :hello-world-tls-client 91*e07d83d3SAndroid Build Coastguard Worker$ # Run the server 92*e07d83d3SAndroid Build Coastguard Worker$ ../bazel-bin/hello-world-tls-server 50440 ../../testing/src/main/resources/certs/server1.pem ../../testing/src/main/resources/certs/server1.key 93*e07d83d3SAndroid Build Coastguard Worker$ # In another terminal run the client 94*e07d83d3SAndroid Build Coastguard Worker$ ../bazel-bin/hello-world-tls-client localhost 50440 ../../testing/src/main/resources/certs/ca.pem 95*e07d83d3SAndroid Build Coastguard Worker``` 96