what's meaning of insecure connection in grpc?

About

Asked 24/6, 2018 at 9:40 Answered 24/6, 2018 at 10:17

gRPC is based on http2 which must be use ssl. But I found I can create use insecure server.

I want to know insecure means that don't use ssl or use predefined certificate for http2?

Edee answered 24/6, 2018 at 9:40 Comment(0)

HTTP/2 does not insist on SSL/TLS. But all web browsers only implement HTTP2 over SSL/TLS because of problems when using it over plaintext HTTP over the Internet. So if not using a web browser but another HTTP/2 client than you can use HTTP/2 without SSL/TLS.

So yes insecure gRPC is using an unencrypted HTTP/2 connection (h2c). Though some implementations do not support this, similar to how web browsers do not support unencrypted HTTP/2 (h2c).

Teleran answered 24/6, 2018 at 10:17 Comment(1)

The answer is correct, but I would replace the "plaintext" with "unencrypted". Since HTTP/2 still uses a binary (and not textual) frame encoding. – Osmen 25/6, 2018 at 3:16

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags