GRPC Core  18.0.0
Namespaces | Functions
grpc_tls_certificate_provider.cc File Reference
#include <grpc/support/port_platform.h>
#include "src/core/lib/security/credentials/tls/grpc_tls_certificate_provider.h"
#include <grpc/support/alloc.h>
#include <grpc/support/log.h>
#include <grpc/support/string_util.h>
#include "src/core/lib/gprpp/stat.h"
#include "src/core/lib/slice/slice_internal.h"
#include "src/core/lib/surface/api_trace.h"

Namespaces

 grpc_core
 Round Robin Policy.
 

Functions

grpc_tls_certificate_providergrpc_tls_certificate_provider_static_data_create (const char *root_certificate, grpc_tls_identity_pairs *pem_key_cert_pairs)
 – Wrapper APIs declared in grpc_security.hMore...
 
grpc_tls_certificate_providergrpc_tls_certificate_provider_file_watcher_create (const char *private_key_path, const char *identity_certificate_path, const char *root_cert_path, unsigned int refresh_interval_sec)
 Creates a grpc_tls_certificate_provider that will watch the credential changes on the file system. More...
 
void grpc_tls_certificate_provider_release (grpc_tls_certificate_provider *provider)
 Releases a grpc_tls_certificate_provider object. More...
 

Function Documentation

◆ grpc_tls_certificate_provider_file_watcher_create()

grpc_tls_certificate_provider* grpc_tls_certificate_provider_file_watcher_create ( const char *  private_key_path,
const char *  identity_certificate_path,
const char *  root_cert_path,
unsigned int  refresh_interval_sec 
)

Creates a grpc_tls_certificate_provider that will watch the credential changes on the file system.

This provider will always return the up-to-date cert data for all the cert names callers set through |grpc_tls_credentials_options|. Note that this API only supports one key-cert file and hence one set of identity key-cert pair, so SNI(Server Name Indication) is not supported.

  • private_key_path is the file path of the private key. This must be set if |identity_certificate_path| is set. Otherwise, it could be null if no identity credentials are needed.
  • identity_certificate_path is the file path of the identity certificate chain. This must be set if |private_key_path| is set. Otherwise, it could be null if no identity credentials are needed.
  • root_cert_path is the file path to the root certificate bundle. This may be null if no root certs are needed.
  • refresh_interval_sec is the refreshing interval that we will check the files for updates. It does not take ownership of parameters. It is used for experimental purpose for now and subject to change.

◆ grpc_tls_certificate_provider_release()

void grpc_tls_certificate_provider_release ( grpc_tls_certificate_provider provider)

Releases a grpc_tls_certificate_provider object.

The creator of the grpc_tls_certificate_provider object is responsible for its release. It is used for experimental purpose for now and subject to change.

◆ grpc_tls_certificate_provider_static_data_create()

grpc_tls_certificate_provider* grpc_tls_certificate_provider_static_data_create ( const char *  root_certificate,
grpc_tls_identity_pairs pem_key_cert_pairs 
)

– Wrapper APIs declared in grpc_security.h

Creates a grpc_tls_certificate_provider that will load credential data from static string during initialization.