Disabling certificate check in gRPC TLS

春和景丽 2021-01-14 07:54

Currently, I have an nginx server (on port 5001) behind which a gRPC server is running, nginx having TLS enabled. All gRPC clients need to send the request to nginx port whic

1 Answer
  • 2021-01-14 08:22

    TLS with disabled certificate checking is of questionable usefulness because it can be trivially MITMed and so is not "supported" by gRPC. I highly recommend providing the client with proper root certificates to verify the server.

    That said, you can go around gRPC's API to do this by passing Netty's InsecureTrustManagerFactory to SslContextBuilder.trustManager(TrustManagerFactory):

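    // Imports needed by this snippet (unshaded grpc-netty artifact)
    import io.grpc.netty.GrpcSslContexts;
    import io.grpc.netty.NettyChannelBuilder;
    import io.netty.handler.ssl.util.InsecureTrustManagerFactory;

    NettyChannelBuilder.forAddress("<server IP address>", 5001)
        .sslContext(GrpcSslContexts.forClient()
          .trustManager(InsecureTrustManagerFactory.INSTANCE)
          .build())
        .build();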
    
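For contrast with the workaround in the answer above, here is an added example (not part of the original answer) of the verified setup the answer recommends, where the client trusts only the certificate in a given PEM file. The class name, the PEM path and the host name are assumptions made for illustration.

```java
import io.grpc.ManagedChannel;
import io.grpc.netty.GrpcSslContexts;
import io.grpc.netty.NettyChannelBuilder;
import io.netty.handler.ssl.SslContext;

import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

public final class VerifiedChannelExample {
    // Hypothetical path: PEM file holding the CA (or self-signed) certificate
    // that issued the certificate nginx presents on port 5001.
    private static final String TRUST_PEM = "/etc/myapp/nginx-ca.pem";

    static ManagedChannel verifiedChannel(String host, int port, File trustPem)
            throws Exception {
        // Fail early, with a clear exception, if the trust anchor is
        // unreadable, not a certificate, expired or not yet valid.
        try (InputStream in = new FileInputStream(trustPem)) {
            X509Certificate anchor = (X509Certificate)
                    CertificateFactory.getInstance("X.509").generateCertificate(in);
            anchor.checkValidity();
        }

        // Only chains that end at a certificate in trustPem are accepted.
        SslContext sslContext = GrpcSslContexts.forClient()
                .trustManager(trustPem)
                .build();

        // gRPC also checks the server certificate against the channel
        // authority, so the certificate needs a subjectAltName matching
        // `host` (an IP SAN if clients connect by IP address).
        return NettyChannelBuilder.forAddress(host, port)
                .sslContext(sslContext)
                .build();
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical host name for the nginx front end.
        ManagedChannel channel =
                verifiedChannel("nginx.example.internal", 5001, new File(TRUST_PEM));
        // Create stubs on `channel` here; the TLS handshake happens on first use.
        channel.shutdownNow();
    }
}
```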