grpc-web icon indicating copy to clipboard operation
grpc-web copied to clipboard

Published 20 hours ago verified publisher icon improbable-eng

Handshake error even TLS Verify was already disabled

Open kevinprotoss opened this issue 4 years ago • 2 comments

Versions of relevant software used

grpcwebproxy 0.12.0

What happened

On windows wsl environment, using docker to run server, angular, and proxy Use grpc-web in angular app to send a grpc request. The returned stream response works great if messages come continuously, however grpcwebproxy given then handshake error after a time interval without call.

Command for starting proxy

grpcwebproxy --server_tls_cert_file=/certs/server.crt --server_tls_key_file=/certs/server.key --backend_addr=node-server:9090 --backend_tls_noverify --backend_tls --allow_all_origins

What you expected to happen

Connection keep alive even without message call

How to reproduce it (as minimally and precisely as possible):

Full logs to relevant components

time="2020-03-20T22:55:12Z" level=info msg="parsed scheme: \"\"" system=system
time="2020-03-20T22:55:12Z" level=info msg="scheme \"\" not registered, fallback to default scheme" system=system
time="2020-03-20T22:55:12Z" level=info msg="ccResolverWrapper: sending update to cc: {[{node-server:9090 0  <nil>}] }" system=system
time="2020-03-20T22:55:12Z" level=info msg="ClientConn switching balancer to \"pick_first\"" system=system
time="2020-03-20T22:55:12Z" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc00009c6f0, CONNECTING" system=system
time="2020-03-20T22:55:12Z" level=info msg="listening for http on: [::]:8080"
time="2020-03-20T22:55:12Z" level=info msg="listening for http_tls on: [::]:8443"
time="2020-03-20T22:55:13Z" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc00009c6f0, READY" system=system
2020/03/20 22:55:28 http: TLS handshake error from 172.17.0.1:52442: remote error: tls: unknown certificate
time="2020-03-20T22:55:48Z" level=info msg="finished streaming call with code Canceled" error="rpc error: code = Canceled desc = context canceled" grpc.code=Canceled grpc.method=GetFactorStream grpc.service=jupiter.monitoring.dashboard.v1.DashboardsService grpc.start_time="2020-03-20T22:55:28Z" grpc.time_ms=20003.596 span.kind=server system=grpc

Anything else we need to know

kevinprotoss avatar Mar 20 '20 23:03 kevinprotoss

The error message indicates that it is the proxy that is unhappy with the certificate, I think, as you said. That's weird, we haven't seen this before. Not sure what we can do from here, it's probably something you need to debug more in your environment. Sorry I can't be of more help.

johanbrandhorst avatar Mar 21 '20 09:03 johanbrandhorst

was any progress ever made on this issue? having same problem.

seanwatters avatar Jan 05 '22 22:01 seanwatters