mirror of
https://github.com/sorenisanerd/gotty.git
synced 2024-11-09 23:34:26 +00:00
Update readme for client certificate authentication
This commit is contained in:
parent
82c17f8271
commit
5de1ece388
@ -58,6 +58,9 @@ By default, GoTTY starts a web server at port 8080. Open the URL on your web bro
|
||||
--tls, -t Enable TLS/SSL [$GOTTY_TLS]
|
||||
--tls-crt "~/.gotty.key" TLS/SSL crt file path [$GOTTY_TLS_CRT]
|
||||
--tls-key "~/.gotty.crt" TLS/SSL key file path [$GOTTY_TLS_KEY]
|
||||
--client, -C Enable Client Certificate [$GOTTY_CLIENT]
|
||||
--client-ca-file "~/.gotty.ca.crt" Client CA certificate file [$GOTTY_CLIENT_CA_FILE]
|
||||
--client-verify Enable verification of client certificate [$GOTTY_CLIENT_VERIFY]
|
||||
--index Custom index file [$GOTTY_INDEX]
|
||||
--title-format "GoTTY - {{ .Command }} ({{ .Hostname }})" Title format of browser window [$GOTTY_TITLE_FORMAT]
|
||||
--reconnect Enable reconnection [$GOTTY_RECONNECT]
|
||||
@ -101,6 +104,8 @@ All traffic between the server and clients are NOT encrypted by default. When yo
|
||||
openssl req -x509 -nodes -days 9999 -newkey rsa:2048 -keyout ~/.gotty.key -out ~/.gotty.crt
|
||||
```
|
||||
|
||||
For added security you can use an SSL/TLS client certificate by enabling it with the `-C` option (this requires the `-t` or `--tls` flag to be set). This requires all client connecting to provide a valid certificate that can be validated (use the `--client-verify` option to make verification mandatory) against the CA file that is provided via the `--client-ca-file` option.
|
||||
|
||||
(NOTE: For Safari uses, see [how to enable self-signed certificates for WebSockets](http://blog.marcon.me/post/24874118286/secure-websockets-safari) when use self-signed certificates)
|
||||
|
||||
## Sharing with Multiple Clients
|
||||
|
Loading…
Reference in New Issue
Block a user