GRPC CreateChannel() error Could not get default pem root certs

Question

I am using grpc 1.35.0 on Windows 10 and following sample code here to create a grpc channel for the client to use. But I have a provide a root cert to create the channel, otherwise, it complains the error below.

Then I write my client in a python version and I can create the channel without giving root cert.

So, is this a grpc bug or did I misunderstand the sample code?

GRPC sample code

// Create a default SSL ChannelCredentials object.
auto channel_creds = grpc::SslCredentials(grpc::SslCredentialsOptions());
// Create a channel using the credentials created in the previous step.
auto channel = grpc::CreateChannel(server_name, channel_creds);
// Create a stub on the channel.
std::unique_ptr<Greeter::Stub> stub(Greeter::NewStub(channel));
// Make actual RPC calls on the stub.
grpc::Status s = stub->sayHello(&context, *request, response);

my code

const std::string SECURE_GRPC_CHANNEL_ADDRESS = <MY_SERVER>;

class GrpcChannel
{
    GrpcChannel()
    {
        auto ca_cert = get_file_contents(cacert_path);
        SslCredentialsOptions options = { ca_cert, "", "" };
        auto channel_creds = SslCredentials(options);
        channel_ = grpc::CreateChannel(SECURE_GRPC_CHANNEL_ADDRESS, channel_creds);            
    }

Answer 1

I ran into a similar issue, while i was using Google Text-To-Speech API on Windows 10. gRPC complained to be unable to find the pem file in a non-Windows like folder. To workaround this the following steps might help:

• download Googles root.pem from https://pki.google.com/roots.pem
• add an environment variable named 'GRPC_DEFAULT_SSL_ROOTS_FILE_PATH' and set its value to the path of the downloaded file (including the filename)

Answer 2

Turns out it's grpc document issue, grpc-core C++ for windows does not support default root cert and need specify one by user. Please refer to here.