Skip to content
Documentation/Infrastructure/
/
Configure gRPC
Last updated

Configure gRPC

The xrpld server has a limited gRPC API it can provide. Clio servers use this API to retrieve data about the latest validated ledgers and transactions. You can enable the gRPC API on your server with a new configuration stanza.

Caution
gRPC support is intended specifically for providing data to Clio servers. Breaking changes to the gRPC API may occur without warning or it may be removed entirely in future versions of the server.

Prerequisites

To enable gRPC, you must meet the following prerequisites:

  • You must have installed xrpld.

  • Your server must be able to bind to the port you choose.

Steps

To enable gRPC on your server, complete the following steps:

  1. Ensure the [port_grpc] stanza is in your xrpld config file.

    [port_grpc]
port = 50051
ip = 127.0.0.1
    • port defines the port the server listens on for gRPC connections from client applications. The recommended port is 50051.
    • ip defines which interfaces the server listens on. 127.0.0.1 limits connections to the local loopback network (same machine) and is enabled by default. Changing the value to 0.0.0.0 listens on all available network interfaces.

    The recommended installation uses the config file /etc/xrpld/xrpld.cfg by default. Other places you can put a config file include $HOME/.config/xrpld/xrpld.cfg (where $HOME is the home directory of the user running rippled), $HOME/.local/xrpld/xrpld.cfg, or the current working directory from where you start rippled.

    The config file was renamed from rippled.cfg to xrpld.cfg. During the transition, if xrpld.cfg is not present the server still reads rippled.cfg from the same locations, so existing config files keep working without being renamed. Updated in: rippled 3.2.0

  2. (Optional) To secure gRPC connections with TLS, add the following settings to the [port_grpc] stanza. All certificate and key files must be in PEM format.

    [port_grpc]
port = 50051
ip = 127.0.0.1
ssl_cert = /etc/ssl/certs/grpc-server.crt
ssl_key = /etc/ssl/private/grpc-server.key
ssl_cert_chain = /etc/ssl/certs/grpc-intermediate-ca.crt
ssl_client_ca = /etc/ssl/certs/grpc-client-ca.crt
    • ssl_cert and ssl_key define the paths to the server's TLS certificate and private key. Set both to enable TLS.
    • ssl_cert_chain (optional) defines the path to a file of intermediate CA certificates.
    • ssl_client_ca (optional) defines the path to a CA certificate used to verify client certificates, enabling mutual TLS (mTLS).

  3. Start (or restart) the xrpld service.

    sudo systemctl restart xrpld

See Also

Connect Your xrpld to a Parallel Network

Enable Public Signing