
fix(checkoutservice): Option 1 — Replace insecure gRPC with system CA TLS #2

Open

mikecstone wants to merge 1 commit into master from fix/grpc-tls-system-ca

Conversation

@mikecstone (Owner)

Summary

  • Replaces all 8 grpc.WithInsecure() calls with credentials.NewClientTLSFromCert(nil, ""), which uses the system root CA pool to validate server certificates
  • Fixes context.TODO() → ctx in convertCurrency to restore proper timeout and cancellation propagation

Trade-offs

Pros:

  • Smallest diff — minimal code change, easy to review
  • No new infrastructure or cert management required beyond what your CA already issues
  • Works immediately if downstream services already present CA-signed certs

Cons:

  • One-way TLS only — the server is authenticated, but the client (this service) is not
  • Relies on the system CA pool, so it won't work with a private/internal CA unless that CA is installed on the host or container image

When to use this

Best fit if your services run behind a managed load balancer or service mesh that already handles cert issuance, and you need a fast, low-friction fix.

Test plan

  • Verify downstream services (shipping, cart, currency, payment, email, product catalog) present TLS certs signed by a CA in the system root pool
  • Confirm PlaceOrder end-to-end works after the change
  • Confirm that connection failures produce clear errors (not panics) when a service cert is invalid/expired

🤖 Generated with Claude Code

Replaces grpc.WithInsecure() on all 8 service connections with
credentials.NewClientTLSFromCert(nil, "") to enforce TLS using the
system root CA pool. Also fixes context.TODO() -> ctx in convertCurrency
to restore proper timeout and cancellation propagation.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
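The private-CA caveat under Cons and the first and third items of the test plan can be exercised without a gRPC build. The program below is an added example written for this review, not code from this PR or its repository, and it uses only the Go standard library: `tls.Config{RootCAs: nil}` is what `credentials.NewClientTLSFromCert(nil, "")` constructs inside grpc-go, so dialling with that config performs the same server-certificate verification the patched clients will perform. The downstream service is stood in for by `httptest.NewTLSServer`, whose built-in self-signed certificate is trusted by no system root pool, which makes it behave like a service behind an internal CA. The function names (`checkUpstream`, `trustFailure`, `demo`) and the classification strings are this example's own.

```go
package main

import (
	"context"
	"crypto/tls"
	"crypto/x509"
	"errors"
	"fmt"
	"net"
	"net/http"
	"net/http/httptest"
	"time"
)

// checkUpstream performs the server authentication the patched gRPC clients
// perform: roots == nil means "use the system root pool", which is what
// credentials.NewClientTLSFromCert(nil, "") configures in grpc-go (RootCAs nil,
// ServerName taken from the dial target). ctx bounds the dial the way the
// restored ctx in convertCurrency bounds the RPC.
func checkUpstream(ctx context.Context, addr, serverName string, roots *x509.CertPool) error {
	d := &tls.Dialer{
		NetDialer: &net.Dialer{Timeout: 3 * time.Second},
		Config:    &tls.Config{RootCAs: roots, ServerName: serverName, MinVersion: tls.VersionTLS12},
	}
	conn, err := d.DialContext(ctx, "tcp", addr) // handshake and chain verification happen here
	if err != nil {
		return fmt.Errorf("tls handshake with %s at %s: %w", serverName, addr, err)
	}
	return conn.Close()
}

// trustFailure classifies a checkUpstream result for the test plan:
//   "ok"                chain verified against the pool in use
//   "unknown-authority" the server's issuer is not in that pool (private CA case)
//   "no-system-roots"   the system pool itself could not be loaded (x509.SystemRootsError)
//   "other"             refused connection, timeout, hostname mismatch, ...
func trustFailure(err error) string {
	var unknownCA x509.UnknownAuthorityError
	var noRoots x509.SystemRootsError
	switch {
	case err == nil:
		return "ok"
	case errors.As(err, &unknownCA):
		return "unknown-authority"
	case errors.As(err, &noRoots):
		return "no-system-roots"
	default:
		return "other"
	}
}

// demo runs the check against a stand-in downstream service. httptest's TLS
// server presents a self-signed certificate that no system root pool trusts,
// so it behaves like a service behind a private CA. It returns the
// classification with the system pool and with that certificate added to the pool.
func demo() (string, string, error) {
	srv := httptest.NewTLSServer(http.NotFoundHandler())
	defer srv.Close()
	cert := srv.Certificate()
	if len(cert.DNSNames) == 0 {
		return "", "", errors.New("stand-in certificate carries no DNS SAN")
	}
	name := cert.DNSNames[0] // the hostname the stand-in's cert was issued for
	addr := srv.Listener.Addr().String()
	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
	defer cancel()
	pool := x509.NewCertPool()
	pool.AddCert(cert) // the "install the private CA in the image" step from the Cons list
	return trustFailure(checkUpstream(ctx, addr, name, nil)),
		trustFailure(checkUpstream(ctx, addr, name, pool)), nil
}

func main() {
	sys, internal, err := demo()
	if err != nil {
		panic(err)
	}
	fmt.Println("system pool only:", sys)      // unknown-authority
	fmt.Println("private CA added:", internal) // ok
}
```

Run it with `go run`: the first handshake comes back `unknown-authority`, because the stand-in's issuer is not in the host's CA bundle, and adding that certificate to the pool turns the same handshake into `ok`. On an image with no CA bundle at all the system pool loads empty and every handshake fails the same way, which is the failure mode the Cons list warns about. Note also that grpc-go fills `ServerName` from the dial target's host when the override is empty, so the downstream certificates must carry the hostnames that checkoutservice actually dials.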
@ox-security

ox-security Bot commented May 17, 2026

OX Security reviewed this pull request — nothing to fix.

No issues found

Branch fix/grpc-tls-system-ca → master

View scan in OX Security →


1 participant