|
1 | 1 | # ssl-proxy |
2 | | -A simple Golang SSL reverse proxy that serves traffic over HTTPS and proxies it to any other web server you might be running. Overall, a simple way to add SSL/TLS to a web service. `ssl-proxy` will auto-generate self-signed certificates for you if none are provided to it (useful for things like `jupyter` notebooks in a pinch). |
| 2 | +A simple Golang SSL reverse proxy that serves traffic over HTTPS and proxies it to any other web server you might be running. `ssl-proxy` will auto-generate self-signed certificates for you if none are provided to it (useful for things like `jupyter` notebooks in a pinch). Usage is simple: |
| 3 | +## Usage |
| 4 | +```sh |
| 5 | +ssl-proxy -from 0.0.0.0:4430 -to 127.0.0.1:8000 |
| 6 | +``` |
| 7 | +This will immediately generate self-signed certificates and being proxying HTTPS traffic from https://0.0.0.0:4430 to http://127.0.0.1:8000. No need to ever call openssl. It will print the SHA256 fingerprint of the cert being used for you to perform manual certificate verification in the browser if you would like (before you "trust" the cert). |
3 | 8 |
|
4 | 9 | I know `nginx` is often used for stuff like this, but I got tired of dealing with the boilerplate and wanted to explore something fun. So I ended up throwing this together. |
5 | 10 |
|
6 | | -## Quick Start |
| 11 | +### Provide your own certs |
7 | 12 | ```sh |
8 | | -ssl-proxy -from 0.0.0.0:4430 -to http://127.0.0.1:8000 |
| 13 | +ssl-proxy -cert cert.pem -key myKey.pem -from 0.0.0.0:4430 -to 127.0.0.1:8000 |
9 | 14 | ``` |
10 | | -This will immediately generate self-signed certificates and being proxying HTTPS traffic from `0.0.0.0:4430` to `http://127.0.0.1:8000`. No need to ever call `openssl`. |
| 15 | +You can provide your own existing certs, of course. Jenkins still has issues serving the fullchain certs from letsencrypt properly, so this tool has come in handy for me there. |
11 | 16 |
|
12 | | -It will output the SHA256 fingerprint for you to perform manual certificate verification in the browser if needed (before you "trust" the cert). |
| 17 | +## Installation |
| 18 | +Simply download and uncompress the proper prebuilt binary for your system from the [releases tab](https://github.com/suyashkumar/ssl-proxy/releases/). Then, add the binary to your path or start using it locally (`./ssl-proxy`). |
13 | 19 |
|
14 | | -## Provide your own certs |
| 20 | +If you're using `wget`, you can fetch and uncompress the proper binary in one command: |
15 | 21 | ```sh |
16 | | -ssl-proxy -cert cert.pem -key myKey.pem -from 0.0.0.0:4430 -to http://127.0.0.1:8000 |
| 22 | +wget -qO- $BINARY_RELEASE_LINK | tar xvz |
17 | 23 | ``` |
18 | | -You can provide your own existing certs, of course. Jenkins still has issues serving the fullchain certs from letsencrypt properly, so this tool has come in handy for me there. |
| 24 | + |
| 25 | +### Build from source |
| 26 | +You must have Golang installed on your system along with `make`. Then simply clone the repository and run `make`. |
0 commit comments