Problem with gRPC Client with Node.js

alwint3r · December 13, 2017, 11:54am

Hi @brocaar and everyone,

I tried to create a gRPC client using node.js but I always get this error

E1213 18:51:21.178556268    7608 ssl_transport_security.c:970] Handshake failed with fatal error SSL_ERROR_SSL: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed.
Error: Connect Failed
    at /home/dycode/git/nonwork/playground/loraserver_grpc/node_modules/grpc/src/client.js:554:15

I might miss a configuration, beause I’m using the same SSL certificate and private key with the
LoRa app server.

Here’s the node.js code:

'use strict';

const path = require(`path`);
const grpc = require(`grpc`);
const Promise = require(`bluebird`);
const config = require(`./config`);
const fs = require(`fs`);

const PROTO_PATH = path.join(__dirname, `./proto/application.proto`);

const { api } = grpc.load(PROTO_PATH);

const creds = {
  privkey: fs.readFileSync(path.join(__dirname, `ssl/privkey`)),
  cert: fs.readFileSync(path.join(__dirname, `ssl/certificate`)),
};

async function main() {
  const { Application } = api;

  const client = Promise.promisifyAll(
    new Application(
      `${config.server.hostname}:${config.server.port}`,
      grpc.credentials.createSsl(null, creds.privkey, creds.cert)
    )
  );

  const res = await client.listAsync({ limit: 10, offset: 0 });
  console.log(res);
}

main()
  .catch((ex) => {
    console.error(ex.stack);
  });

And here’s the docker-compose.yml file

version: "2"

services:
  loraserver:
    image: loraserver/loraserver
    ports:
      - 8000:8000
    environment:
      - DB_AUTOMIGRATE=true
      - LOG_NODE_FRAMES=true
      - NET_ID=010203
      - BAND=AS_923
      - REDIS_URL=redis://redis:6379
      - GW_MQTT_SERVER=tcp://mosquitto:1883
      - GW_SERVER_JWT_SECRET=verysecret
      - POSTGRES_DSN=postgres://loraserver_ns:loraserver_ns@postgresql_ns/loraserver_ns?sslmode=disable
      - JS_SERVER=http://appserver:8003

  appserver:
    image: loraserver/lora-app-server
    volumes:
      - ./ssl:/ssl
    ports:
      - 8080:8080
    environment:
      - DB_AUTOMIGRATE=true
      - REDIS_URL=redis://redis:6379
      - POSTGRES_DSN=postgres://loraserver_as:loraserver_as@postgresql_as?sslmode=disable
      - MQTT_SERVER=tcp://mosquitto:1883
      - JWT_SECRET=verysecret
      - HTTP_TLS_CERT=/ssl/certificate
      - HTTP_TLS_KEY=/ssl/privkey
      - AS_PUBLIC_SERVER=appserver:8001
      - TLS_CERT=/ssl/certificate
      - TLS_KEY=/ssl/privkey
  
  gatewaybridge:
    ports:
      - 1700:1700/udp
    image: loraserver/lora-gateway-bridge
    environment:
      - MQTT_SERVER=tcp://mosquitto:1883
  
  postgresql_ns:
    image: postgres:9.6-alpine
    volumes:
      - ./postgresql_ns_data:/var/lib/postgresql/data
    ports:
      - 5432
    environment:
      - POSTGRES_PASSWORD=loraserver_ns
      - POSTGRES_USER=loraserver_ns
      - POSTGRES_DB=loraserver_ns
  
  postgresql_as:
    image: postgres:9.6-alpine
    volumes:
      - ./postgresql_as_data:/var/lib/postgresql/data
    ports:
      - 5432
    environment:
      - POSTGRES_PASSWORD=loraserver_as
      - POSTGRES_USER=loraserver_as
      - POSTGRES_DB=loraserver_as

  redis:
    volumes:
      - ./redis_data:/data
    image: redis:4-alpine
    ports:
      - 6379
  
  mosquitto:
    image: eclipse-mosquitto
    ports:
      - 1883:1883

brocaar · December 13, 2017, 12:09pm

The default certificate is self-signed and thus not considered secure. Either add an exception for this certificate or get a valid one, e.g. using www.letsencrypt.org

alwint3r · December 13, 2017, 12:10pm

Does that mean self-signed certificate is not supported by gRPC?

brocaar · December 13, 2017, 12:12pm

No, it means when you try to connect the client does not consider the certificate valid. Like when you open the web-interface your browser prompts if you want to continue as the certificate is invalid.

alwint3r · December 13, 2017, 12:13pm

Ah I see, thank you for the clarification.

DharaP · March 5, 2018, 12:35pm

Hey, I am getting the same error.
We are getting this error connecting with grpc using node package grpc in mac.

**E0222 13:11:14.727365000 140736589050816 ssl_transport_security.cc:190] ssl_info_callback: error occured.

E0222 13:11:14.727629000 140736589050816 ssl_transport_security.cc:979] Handshake failed with fatal error SSL_ERROR_SSL: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure.**

We have 3 lnd nodes running successfully. But while following your guide to send payment using grpc client we are getting that error.

Also here is our code that we are using to connect grpc.

**var async = require(‘async’);
var _ = require(‘lodash’);
var ByteBuffer = require(‘bytebuffer’);

var grpc = require(‘grpc’);
var fs = require(“fs”);

var lndCert = fs.readFileSync("~/Library/Application Support/Lnd/tls.cert");
var credentials = grpc.credentials.createSsl(lndCert);
var lnrpcDescriptor = grpc.load(“rpc.proto”);
var lnrpc = lnrpcDescriptor.lnrpc;
var lightning = new lnrpc.Lightning(‘localhost:10003’, credentials);

lightning.getInfo({}, function(err, response) {
console.log(‘GetInfo:’, response);
});**

Please let us know the solution for that.

Thanks.

brocaar · March 5, 2018, 12:52pm

I don’t think this is related to LoRa App Server?