Add openssl cert generation procedure to README.

author: Joel Martin <github@martintribe.org> 2012-02-02 07:05:55 -0600
committer: Joel Martin <github@martintribe.org> 2012-02-02 07:05:55 -0600
commit: 8e95f18f99ba6be06f2c6b63b7d1764f593959c5 (patch)
tree: 5d72990e4c4a103e8b295828a1cbd2d632a9bfdb /README.md
parent: 27ec5cff89f2008ed21c5586489058c79564c173 (diff)
download: websockify-8e95f18f99ba6be06f2c6b63b7d1764f593959c5.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/README.md b/README.md
index 562c4f7..7db1df4 100644
--- a/README.md
+++ b/README.md
@@ -17,6 +17,20 @@ encoding must used to encapsulate the data within UTF-8. Websockify
 uses base64 to encode all traffic to and from the client. This does
 not affect the data between websockify and the server.
 
+### Encrypted WebSocket connections (wss://)
+
+To encrypt the traffic using the WebSocket 'wss://' URI scheme you
+need to generate a certificate for websockify to load. By default websockify
+loads a certificate file name `self.pem` but the `--cert=CERT` option can
+override the file name. You can generate a self-signed certificate using
+openssl. When asked for the common name, use the hostname of the server where
+the proxy will be running:
+
+```
+openssl req -new -x509 -days 365 -nodes -out self.pem -keyout self.pem
+```
+
+
 ### Websock Javascript library
author	Joel Martin <github@martintribe.org>	2012-02-02 07:05:55 -0600
committer	Joel Martin <github@martintribe.org>	2012-02-02 07:05:55 -0600
commit	8e95f18f99ba6be06f2c6b63b7d1764f593959c5 (patch)
tree	5d72990e4c4a103e8b295828a1cbd2d632a9bfdb /README.md
parent	27ec5cff89f2008ed21c5586489058c79564c173 (diff)
download	websockify-8e95f18f99ba6be06f2c6b63b7d1764f593959c5.tar.gz