(t *testing.T)
| 326 | } |
| 327 | |
| 328 | func (s) TestMTLS(t *testing.T) { |
| 329 | s := stubserver.StartTestService(t, nil, grpc.Creds(testutils.CreateServerTLSCredentials(t, tls.RequireAndVerifyClientCert))) |
| 330 | defer s.Stop() |
| 331 | |
| 332 | cfg := fmt.Sprintf(`{ |
| 333 | "ca_certificate_file": "%s", |
| 334 | "certificate_file": "%s", |
| 335 | "private_key_file": "%s" |
| 336 | }`, |
| 337 | testdata.Path("x509/server_ca_cert.pem"), |
| 338 | testdata.Path("x509/client1_cert.pem"), |
| 339 | testdata.Path("x509/client1_key.pem")) |
| 340 | tlsBundle, stop, err := tlscreds.NewBundle([]byte(cfg)) |
| 341 | if err != nil { |
| 342 | t.Fatalf("Failed to create TLS bundle: %v", err) |
| 343 | } |
| 344 | defer stop() |
| 345 | conn, err := grpc.NewClient(s.Address, grpc.WithCredentialsBundle(tlsBundle), grpc.WithAuthority("x.test.example.com")) |
| 346 | if err != nil { |
| 347 | t.Fatalf("Error dialing: %v", err) |
| 348 | } |
| 349 | defer conn.Close() |
| 350 | client := testgrpc.NewTestServiceClient(conn) |
| 351 | ctx, cancel := context.WithTimeout(context.Background(), defaultTestTimeout) |
| 352 | defer cancel() |
| 353 | if _, err = client.EmptyCall(ctx, &testpb.Empty{}); err != nil { |
| 354 | t.Errorf("EmptyCall(): got error %v when expected to succeed", err) |
| 355 | } |
| 356 | } |
| 357 | |
| 358 | // Test_MTLS_SPIFFE configures a client and server. The server has a certificate |
| 359 | // chain that is compatible with the client's configured SPIFFE bundle map. An |
nothing calls this directly
no test coverage detected