Authenticating gRPC Client
To authenticate a gRPC client, set up a host and/or a port for the connection, and replace a TLS/SSL public key certificate if necessary. For gRPC connections, only server needs to provide its certificate to client (the server-side TLS connection type).
To set up client-server connection settings, run the command
When you change any parameter of the xicli settings auth modify command, the xiraid-target.service restarts. Additionally, it will cause all RAIDs to unload. Please, run this command only after stopping all mounted devices.
The command neither requires acceptance of the EULA nor running xiraid.target service.
# xicli settings auth modify <args>
At least one argument is required |
||
--host |
The host name or IP address that will be used for the connection. After changing the host, you must re-generate and replace the certificate. The default: localhost. |
|
--port |
The port that will be used for the connection. The default: 6066. |
To view client-server connection settings, run the command
# xicli settings auth show
Optional argument |
||
-f | --format |
Output format:
The default: table. |
To replace the certificate:
The certificates require that the system time is not earlier than June 24, 2019.
-
copy the files to /etc/xraid/crt/ that are strictly named
- server-key.key (or server-key.pem);
- server-cert.crt (or server-cert.pem);
- ca-cert.crt (or ca-cert.pem);
If there are .pem and .key/.crt files in /etc/xraid/crt/ at the same time, the system will use .key/.crt files.
-
restart the xiraid service:
# systemctl restart xiraid.target