From 23461d54cc0e39c1a13e2e0df2df6ee2f40c4173 Mon Sep 17 00:00:00 2001
From: Radovan Zivkovic <r.zivkovic@rasa.com>
Date: Mon, 17 Jun 2024 18:55:26 +0200
Subject: [PATCH] Initialise SSL for gRPC

---
 rasa_sdk/grpc_server.py | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/rasa_sdk/grpc_server.py b/rasa_sdk/grpc_server.py
index 27796fe74..cf7bdbed6 100644
--- a/rasa_sdk/grpc_server.py
+++ b/rasa_sdk/grpc_server.py
@@ -6,7 +6,6 @@
 
 import grpc
 import logging
-import ssl
 import types
 from typing import Union, Optional
 from concurrent import futures
@@ -172,15 +171,20 @@ async def run_grpc(
     )
     if ssl_certificate and ssl_keyfile:
         # Use SSL/TLS if certificate and key are provided
-        ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
-        ssl_context.load_cert_chain(
-            ssl_certificate,
-            keyfile=ssl_keyfile,
-            password=ssl_password if ssl_password else None,
-        )
+        # ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
+        # ssl_context.load_cert_chain(
+        #     ssl_certificate,
+        #     keyfile=ssl_keyfile,
+        #     password=ssl_password if ssl_password else None,
+        # )
+        private_key = open(ssl_keyfile).read()
+        certificate_chain = open(ssl_certificate).read()
         logger.info(f"Starting gRPC server with SSL support on port {port}")
         server.add_secure_port(
-            f"[::]:{port}", server_credentials=grpc.ssl_server_credentials(ssl_context)
+            f"[::]:{port}",
+            server_credentials=grpc.ssl_server_credentials(
+                [(private_key, certificate_chain)]
+            ),
         )
     else:
         logger.info(f"Starting gRPC server without SSL on port {port}")