mirror of
https://github.com/sorenisanerd/gotty.git
synced 2024-11-12 16:44:24 +00:00
Update readme for client certificate authentication
This commit is contained in:
parent
82c17f8271
commit
5de1ece388
@ -58,6 +58,9 @@ By default, GoTTY starts a web server at port 8080. Open the URL on your web bro
|
|||||||
--tls, -t Enable TLS/SSL [$GOTTY_TLS]
|
--tls, -t Enable TLS/SSL [$GOTTY_TLS]
|
||||||
--tls-crt "~/.gotty.key" TLS/SSL crt file path [$GOTTY_TLS_CRT]
|
--tls-crt "~/.gotty.key" TLS/SSL crt file path [$GOTTY_TLS_CRT]
|
||||||
--tls-key "~/.gotty.crt" TLS/SSL key file path [$GOTTY_TLS_KEY]
|
--tls-key "~/.gotty.crt" TLS/SSL key file path [$GOTTY_TLS_KEY]
|
||||||
|
--client, -C Enable Client Certificate [$GOTTY_CLIENT]
|
||||||
|
--client-ca-file "~/.gotty.ca.crt" Client CA certificate file [$GOTTY_CLIENT_CA_FILE]
|
||||||
|
--client-verify Enable verification of client certificate [$GOTTY_CLIENT_VERIFY]
|
||||||
--index Custom index file [$GOTTY_INDEX]
|
--index Custom index file [$GOTTY_INDEX]
|
||||||
--title-format "GoTTY - {{ .Command }} ({{ .Hostname }})" Title format of browser window [$GOTTY_TITLE_FORMAT]
|
--title-format "GoTTY - {{ .Command }} ({{ .Hostname }})" Title format of browser window [$GOTTY_TITLE_FORMAT]
|
||||||
--reconnect Enable reconnection [$GOTTY_RECONNECT]
|
--reconnect Enable reconnection [$GOTTY_RECONNECT]
|
||||||
@ -101,6 +104,8 @@ All traffic between the server and clients are NOT encrypted by default. When yo
|
|||||||
openssl req -x509 -nodes -days 9999 -newkey rsa:2048 -keyout ~/.gotty.key -out ~/.gotty.crt
|
openssl req -x509 -nodes -days 9999 -newkey rsa:2048 -keyout ~/.gotty.key -out ~/.gotty.crt
|
||||||
```
|
```
|
||||||
|
|
||||||
|
For added security you can use an SSL/TLS client certificate by enabling it with the `-C` option (this requires the `-t` or `--tls` flag to be set). This requires all client connecting to provide a valid certificate that can be validated (use the `--client-verify` option to make verification mandatory) against the CA file that is provided via the `--client-ca-file` option.
|
||||||
|
|
||||||
(NOTE: For Safari uses, see [how to enable self-signed certificates for WebSockets](http://blog.marcon.me/post/24874118286/secure-websockets-safari) when use self-signed certificates)
|
(NOTE: For Safari uses, see [how to enable self-signed certificates for WebSockets](http://blog.marcon.me/post/24874118286/secure-websockets-safari) when use self-signed certificates)
|
||||||
|
|
||||||
## Sharing with Multiple Clients
|
## Sharing with Multiple Clients
|
||||||
|
Loading…
Reference in New Issue
Block a user