Arkon
Reputation: 2954
Does gRPC checks CRLs/OSCP Responders during TLS handshake?
During a mutual client-server authentication with gRPC+protobuf, is there a CRL and/or OSCP Responder check of the status of the certificate?
I need to be sure that I can revoke the certificate on my PKI and that subsequent calls will be blocked even if the certificate is still valid.
Upvotes: 3
Views: 660
Answers (1)
Vitaly Isaev
Reputation: 5795
If we're considering grpc-go, as far as I know, TLS handshake is not implemented by GRPC, it's encapsulated into Go implementation HTTP2 server from the standard library which GRPC relies on. Perhaps it worth checking if OSCP may be enabled on the HTTP2 server side.
Upvotes: 2
Related Questions
- Is it possible to do Mutual TLS(or client certificate authentication) in grpc-web against a grpc java server?
- Use SSL in gRPC client server communication
- How do I connect to GRPC using TLS?
- How to confirm gRPC traffic from Go client is TLS encrypted
- grpc - is TLS necessary if https enabled?
- gRPC client failing to connect to server with TLS certificates
- How to configure gRPC Client communicating over TLS transport layer without server certificate?
- TLS support for GRPC in C#
- How are the requests handled in GRPC?
- Ruby's grpc(v1.3.2) gem SSL/TLS connection issue with grpc server built entirely in golang