Software AG Products 10.11 | Administering Integration Server | Configuring gRPC in Integration Server | Authentication for gRPC
 
Authentication for gRPC
 
Requiring or Requesting Client Certificates
Using “Plaintext” Mode for Communication with the gRPC Server
The Integration Server implementation of gRPC uses SSL/TLS for encrypting data and authenticating the server. The gRPC server embedded in Integration Server supports TLSv1.3 and TLSv1.2. Integration Server provides support for one-way and two-way SSL with certificate-based authentication.
During the client handshake, the gRPC server embedded in Integration Server handles the TLS protocol negotiation with the gRPC client. This is unlike requests received on HTTPS or FTPS ports where Integration Server handles the protocol negotiation.
Note:Integration Server does not support token-based authentication with gRPC.
To use SSL/TLS with gRPC in Integration Server, you must:
*Complete the steps in Preparing to Configure SSL in Integration Server . These steps include creating public key /private key pairs, obtaining signed certificates, creating keystores and truststores, importing client certificates, and mapping client certificates to a defined Integration Server user account.
*Configure the authentication information for the gRPC channel. The keystore alias and key alias specified for the channel indicate where the gRPC server can find the private key and certificates for authenticating the gRPC server and decrypting data received from a gRPC client.