Add support for client-side certificates

3 files changed, 23 insertions, 2 deletions

diff --git a/example/client/.gitignore b/example/client/.gitignore
new file mode 100644
index 0000000..37278c1
--- /dev/null
+++ b/example/client/.gitignore
@@ -0,0 +1,2 @@
+client.crt
+client.key
diff --git a/example/client/client.go b/example/client/client.go
index 5b6fde2..0dac61b 100644
--- a/example/client/client.go
+++ b/example/client/client.go
@@ -4,14 +4,33 @@ package main
 
 import (
 	"bufio"
+	"crypto/tls"
 	"fmt"
-	"git.sr.ht/~adnano/go-gemini"
 	"log"
 	"os"
+
+	"git.sr.ht/~adnano/go-gemini"
 )
 
 var client gemini.Client
 
+func init() {
+	// Configure a client side certificate.
+	// To generate a certificate, run:
+	//
+	//     openssl genrsa -out client.key 2048
+	//     openssl ecparam -genkey -name secp384r1 -out client.key
+	//     openssl req -new -x509 -sha256 -key client.key -out client.crt -days 3650
+	//
+	config := tls.Config{}
+	cert, err := tls.LoadX509KeyPair("example/client/client.crt", "example/client/client.key")
+	if err != nil {
+		log.Fatal(err)
+	}
+	config.Certificates = append(config.Certificates, cert)
+	client.TLSConfig = config
+}
+
 func makeRequest(url string) {
 	resp, err := client.Request(url)
 	if err != nil {
diff --git a/example/server/server.go b/example/server/server.go
index 3f0a3e3..dbb23a0 100644
--- a/example/server/server.go
+++ b/example/server/server.go
@@ -17,7 +17,7 @@ func main() {
 	//     openssl ecparam -genkey -name secp384r1 -out server.key
 	//     openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650
 	//
-	config := &tls.Config{}
+	config := tls.Config{}
 	cert, err := tls.LoadX509KeyPair("example/server/server.crt", "example/server/server.key")
 	if err != nil {
 		log.Fatal(err)