search

EventStore / EventStore-Client-Dotnet

Dotnet Client SDK for the Event Store gRPC Client API written in C#
Other
138 stars 38 forks source link

v24.2.0 : gRPC.Core.RpcException even for INSECURE=true, TLS=false #293

Closed rgfaber closed 4 months ago

rgfaber commented 4 months ago

Description

There might be an issue with the EventStore gRPC client in insecure, single node mode

Environment:

  1. .NET 8

  2. hosting v24.2.0-jammy in docker compose as described in the docs

  3. using Nuget Packages

<ItemGroup>
    <PackageReference Include="EventStore.Client.Grpc" Version="23.2.1"/>
    <PackageReference Include="EventStore.Client.Grpc.Operations" Version="23.2.1"/>
    <PackageReference Include="EventStore.Client.Grpc.UserManagement" Version="23.2.1"/>
    <PackageReference Include="EventStore.Client.Grpc.PersistentSubscriptions" Version="23.2.1"/>
    <PackageReference Include="EventStore.Client.Grpc.ProjectionManagement" Version="23.2.1"/>
    <PackageReference Include="EventStore.Client.Grpc.Streams" Version="23.2.1"/>
    <PackageReference Include="Newtonsoft.Json" Version="13.0.3"/>
</ItemGroup>

To Reproduce

  1. The exact environment can be recreated as such:

git clone https://github.com/discomco/compose-dev-stack.git
cd compose-dev-stack
./run-minimal.sh -d
  1. Run the Tests

git clone https://github.com/discomco/dot-cart.git
cd drivers/DotCart.Drivers.EventStoreDB.Tests
dotnet test

Expected

no SSL gRPC errors, events appended to stream

Actual Behavior

Upon connecting:

Grpc.Core.RpcException Status(StatusCode="Internal", Detail="Error starting gRPC call.

HttpRequestException: The SSL connection could not be established, see inner exception. 

AuthenticationException: Cannot determine the frame size or a corrupted frame was received.

Aditional context

  1. Deeper inspection of ConnectivitySettings revealed this:

debug-screenshot

  1. Running ESDB in secure cluster mode according to

secure-cluster with compose

did not give any errors.

Hope it helps and thanks for any guidance!

josephcummings commented 4 months ago

Hi @rgfaber

The connection string you are using has insecure=true which is not a valid option for the client, this is instead something you configure on the server (not to be confused with the ConnectivitySettings.Insecure boolean which is a reflection of the tls flag on the connection string).

I took a look at your dot-cart repo and I can see you don't parse the connection string but rather use your own custom type to wrap some ESDB connection string properties and then manually construct the client settings, which is how you were able to construct the object in your screenshot that has Address = esdb://localhost:2113/?insecure=true&tls=false&tlsVerifyCert=false.

The reason for the exception is that, in your dot-cart repo, you configure the client ConnectivitySettings by manually setting the address to the above, which means the client does not do the typical parsing it would of a connection string.

Because of this, both ConnectivitySettings.Insecure and ConnectivitySettings.TlsVerifyCert are initialised with their default values of true, which means the client will attempt an SSL handshake with a server that has not been configured for TLS.

I would recommend that you utilise EventStoreClientSettings.Create to create your client settings before initialising the client.

Here are some samples that do this:

  1. Hello World Sample on Docker
  2. Dotnet Client Quickstart Sample

I hope this helps.

rgfaber commented 4 months ago

Thanks for the swift and detailed response, I will act accordingly.

EDIT:

Proof of Success:

Proof of Success

Many thanks!