I would very appreciate if someone has some ideas or hints for setup of gRPC encrypted connection.
An issue is that from our client (windows 10) we can not establish encrypted connection (unencrypted one over gRPC works well). What we did so far:
- Followed official gRPC configuration (step-by-step)
- Setup server-side certificate (already twice) (we followed similar steps on dev environment and it worked well)
- Opened local windows firewall and main firewall on port 7766 and verified that traffic is coming through
- Installed client on windows 10 machine
After some wire shark capturing, I could see that client is constantly sending connection request over TLSv1. After that we enabled explicitly TLS1.2 on server (restarted server) and have done the same on client (even though windows 10 clients should natively support TLS1.2). Also restarted machine afterwards. Unfortunately connection is still not getting established when using encrypted connection. I have captured traffic again and could see that client again sent packages using TLSv1 protocol.
I read couple of topics regarding problem with server side certificate but as we tried to create it twice and we were successful on dev environment, I would assume certificate should be correct.
Checking my dev client machine, I could not see any specific configuration for TLS (no secure channel configs or similar). It is also windows 10 PC.
I know this is hard to answer but still curious if someone has experienced similar problems or behavior. My understanding is that gRPC connection expects TLS1.2 for encryption. Could it still be a certificate? Certificates are not bound to protocol as I know.
Any hint would be more than welcome.