From: Shuanglei Tao Date: Thu, 24 Nov 2016 06:09:10 +0000 (+0800) Subject: [ci skip] Update README.md X-Git-Url: http://git.prime8.dev/?a=commitdiff_plain;h=8dd7ceaac1863cfbab9419c008449a307e055f8b;p=ttyd.git [ci skip] Update README.md --- diff --git a/README.md b/README.md index 58548d9..7923565 100644 --- a/README.md +++ b/README.md @@ -99,7 +99,7 @@ Then open with a broswer, you will get a bash shell with Generate SSL CA and self signed server/client certificates: ```bash -# CA +# CA certificate (FQDN must be different from server/client) openssl genrsa -out ca.key 4096 openssl req -new -x509 -days 365 -key ca.key -out ca.crt # server certificate @@ -115,7 +115,12 @@ openssl pkcs12 -in client.p12 -out client.pem -clcerts Then start ttyd: ```bash -ttyd --ssl --ssl-cert ca.crt --ssl-key ca.key --ssl-ca ca.crt bash +ttyd --ssl --ssl-cert server.crt --ssl-key server.key --ssl-ca ca.crt bash +``` +You may want to test the client certificate verification with `curl`: + +```bash +curl --insecure --cert client.p12[:password] -v https://localhost:7681 ``` If you don't want to enable client certificate verification, remove the `--ssl-ca` option. @@ -141,4 +146,4 @@ Docker containers are jailed environments which are more secure, this is useful [6]: https://www.lede-project.org [7]: http://brew.sh [8]: https://chromium.googlesource.com/apps/libapps/+/HEAD/hterm - [9]: https://github.com/tsl0922/ttyd/issues/6 \ No newline at end of file + [9]: https://github.com/tsl0922/ttyd/issues/6