[ci skip] Update README.md

author Shuanglei Tao <tsl0922@gmail.com>

Thu, 24 Nov 2016 06:09:10 +0000 (14:09 +0800)

committer Shuanglei Tao <tsl0922@gmail.com>

Thu, 24 Nov 2016 06:09:10 +0000 (14:09 +0800)
author Shuanglei Tao <tsl0922@gmail.com>
Thu, 24 Nov 2016 06:09:10 +0000 (14:09 +0800)
committer Shuanglei Tao <tsl0922@gmail.com>
Thu, 24 Nov 2016 06:09:10 +0000 (14:09 +0800)
diff --git a/README.md b/README.md

index 58548d9d7988ea9a7e9961144a6e4823242a8795..7923565fa329088728cea1a324aea2cfd615c538 100644 (file)
--- a/README.md
+++ b/README.md
@@ -99,7 +99,7 @@ Then open <http://localhost:8080> with a broswer, you will get a bash shell with
  Generate SSL CA and self signed server/client certificates:
  
  ```bash
-# CA
+# CA certificate (FQDN must be different from server/client)
  openssl genrsa -out ca.key 4096
  openssl req -new -x509 -days 365 -key ca.key -out ca.crt
  # server certificate
@@ -115,7 +115,12 @@ openssl pkcs12 -in client.p12 -out client.pem -clcerts
  Then start ttyd:
  
  ```bash
-ttyd --ssl --ssl-cert ca.crt --ssl-key ca.key --ssl-ca ca.crt bash
+ttyd --ssl --ssl-cert server.crt --ssl-key server.key --ssl-ca ca.crt bash
+```
+You may want to test the client certificate verification with `curl`:
+
+```bash
+curl --insecure --cert client.p12[:password] -v https://localhost:7681
  ```
  
  If you don't want to enable client certificate verification, remove the `--ssl-ca` option.
@@ -141,4 +146,4 @@ Docker containers are jailed environments which are more secure, this is useful
    [6]: https://www.lede-project.org
    [7]: http://brew.sh
    [8]: https://chromium.googlesource.com/apps/libapps/+/HEAD/hterm
-  [9]: https://github.com/tsl0922/ttyd/issues/6
-\ No newline at end of file
+  [9]: https://github.com/tsl0922/ttyd/issues/6
author	Shuanglei Tao <tsl0922@gmail.com>
	Thu, 24 Nov 2016 06:09:10 +0000 (14:09 +0800)
committer	Shuanglei Tao <tsl0922@gmail.com>
	Thu, 24 Nov 2016 06:09:10 +0000 (14:09 +0800)