From 0ee7abbd6a3614386e0b5389e05bb1800bcdea87 Mon Sep 17 00:00:00 2001 From: yincongcyincong <648588267@qq.com> Date: Thu, 28 Jun 2018 18:07:48 +0800 Subject: [PATCH 1/2] Update README.md --- README.md | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index eb5c163..5957011 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,8 @@ Proxy is a high performance HTTP, HTTPS, HTTPS, websocket, TCP, UDP, Socks5 prox - ...   -This page is the v5.0 manual, and the other version of the manual can be checked by the following link. +This page is the v5.1 manual, and the other version of the manual can be checked by the following link. +- [v5.1 manual](https://github.com/snail007/goproxy/tree/v5.1) - [v4.9 manual](https://github.com/snail007/goproxy/tree/v4.9) - [v4.8 manual](https://github.com/snail007/goproxy/tree/v4.8) - [v4.7 manual](https://github.com/snail007/goproxy/tree/v4.7) @@ -204,9 +205,18 @@ for example, --log proxy.log, The log will be exported to proxy.log file which i ### **Generating a communication certificate file** HTTP, TCP, UDP proxy process will communicate with parent proxy. In order to secure, we use encrypted communication. Of course, we can choose not to encrypted communication. All communication with parent proxy in this tutorial is encrypted, requiring certificate files. -The OpenSSL command is installed on the Linux and encrypted certificate can be generated directly through the following command. -`./proxy keygen` -By default, the certificate file proxy.crt and the key file proxy.key are generated under the current program directory. + +1.Generate signed certificates and key files through the following commands. +`./proxy keygen -C proxy` +The certificate file proxy.crt and key file proxy.key will be generated under the current directory. + +2.Through the following commands, use the signed certificate proxy.crt and key file proxy.key to issue new certificates: goproxy.crt and goproxy.key. +`./proxy keygen -s -C proxy -c goproxy` +The certificate file goproxy.crt and key file goproxy.key will be generated under the current program directory. + +3.By default, the domain name in the certificate is a random domain and can be specified using the `-n test.com` parameter. + +4.More usage:`proxy keygen --help`。 ### **Daemon mode** After the default execution of proxy, if you want to keep proxy running, you can't close the command line. From 9b430b5ba4742d38dd2498631693cb967619e077 Mon Sep 17 00:00:00 2001 From: arraykeys Date: Thu, 28 Jun 2018 23:05:48 +0800 Subject: [PATCH 2/2] fix create root certificate --- utils/cert/cert.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/cert/cert.go b/utils/cert/cert.go index 58b2356..858f6e5 100644 --- a/utils/cert/cert.go +++ b/utils/cert/cert.go @@ -109,7 +109,7 @@ func CreateCa(organization string, expireDays int) (certBytes []byte, keyBytes [ NotAfter: time.Now().Add(time.Hour * 24 * time.Duration(expireDays)), KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, - ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, + ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}, BasicConstraintsValid: true, IsCA: true, }