I have a flutter app (dart based) and a GoLang server, using GRPC.
I wanted to secure it, so I tried setting up Nginx with certbot (I'm new at this), but the bot requires a challenge where it connects to the web service (for the domain) for an HTTP response, which my service doesn't give. It is possible to run both GRPC and HTTP server on the same port, but I couldn't understand how to set up Nginx for that.
Then I tried setting up TLS for my service itself using autocert, but doing that with acme requires the same web service response, and without that I have to give manual certificates and skip insecure verify, which isn't available in Dart for now (only two options available: secure and insecure). And testing autocert on local doesn't help either, as it doesn't even create local certs (at least for me).
I also read about a DNS challenge which requires a DNS TXT record, but I'm not sure if it'll ask me to put up a new TXT record on every renewal.
Anyway, I'm mostly confused as to how to move forwards with this. I connect with GRPC to actual mobile apps and haven't found many tutorials or questions regarding this anywhere. My GoLang server also interacts with other internal micro-services, so making it TLS supported would also mean redeploying all other services with secure flag enabled.
Any help regarding what I should do to secure my GRPC connection to apps would be amazing!
Relevant docs:
- https://www.nginx.com/blog/nginx-1-13-10-grpc/
- https://godoc.org/golang.org/x/crypto/acme/autocert
- https://serverfault.com/questions/750902/how-to-use-lets-encrypt-dns-challenge-validation
- https://d3void.net/post/acme/
Apologies if this is a stupid question, but I've been stuck on this for a week.
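
The question mentions that gRPC and plain HTTP can share one port. As an added example (not code from the post), this Go program uses only the standard library to route by protocol: HTTP/2 requests with an `application/grpc` content type go to one handler, everything else to another. The handler stubs, paths and sample requests are constructed for illustration; in a real server the gRPC side would be a `*grpc.Server`, which implements `http.Handler`.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// isGRPC reports whether r looks like a gRPC call: gRPC always runs over
// HTTP/2 and uses a content type starting with "application/grpc".
func isGRPC(r *http.Request) bool {
	return r.ProtoMajor == 2 &&
		strings.HasPrefix(r.Header.Get("Content-Type"), "application/grpc")
}

// split sends gRPC calls to grpcH and every other request to webH,
// so both can be served from a single listener.
func split(grpcH, webH http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if isGRPC(r) {
			grpcH.ServeHTTP(w, r)
			return
		}
		webH.ServeHTTP(w, r)
	})
}

// route builds a constructed request and returns which stub answered it.
func route(path, contentType string, protoMajor int) string {
	// Stand-ins (assumptions): replace with a *grpc.Server and a real web mux.
	grpcStub := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprint(w, "grpc") })
	webStub := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { fmt.Fprint(w, "web") })

	req := httptest.NewRequest(http.MethodPost, path, nil)
	req.ProtoMajor = protoMajor
	if contentType != "" {
		req.Header.Set("Content-Type", contentType)
	}
	rec := httptest.NewRecorder()
	split(grpcStub, webStub).ServeHTTP(rec, req)
	return rec.Body.String()
}

func main() {
	fmt.Println(route("/helloworld.Greeter/SayHello", "application/grpc", 2))
	fmt.Println(route("/healthz", "", 1))
}
```

The `ProtoMajor == 2` check only matches when the listener actually negotiates HTTP/2, which Go's `net/http` server does by default over TLS.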