From cc06e65b419f4410573a39de9df526f2b73a2b28 Mon Sep 17 00:00:00 2001
From: adnano <me@adnano.co>
Date: Mon, 21 Sep 2020 18:21:42 -0400
Subject: Add support for client-side certificates

---
 example/client/.gitignore |  2 ++
 example/client/client.go  | 21 ++++++++++++++++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)
 create mode 100644 example/client/.gitignore

(limited to 'example/client')

diff --git a/example/client/.gitignore b/example/client/.gitignore
new file mode 100644
index 0000000..37278c1
--- /dev/null
+++ b/example/client/.gitignore
@@ -0,0 +1,2 @@
+client.crt
+client.key
diff --git a/example/client/client.go b/example/client/client.go
index 5b6fde2..0dac61b 100644
--- a/example/client/client.go
+++ b/example/client/client.go
@@ -4,14 +4,33 @@ package main
 
 import (
 	"bufio"
+	"crypto/tls"
 	"fmt"
-	"git.sr.ht/~adnano/go-gemini"
 	"log"
 	"os"
+
+	"git.sr.ht/~adnano/go-gemini"
 )
 
 var client gemini.Client
 
+func init() {
+	// Configure a client side certificate.
+	// To generate a certificate, run:
+	//
+	//     openssl genrsa -out client.key 2048
+	//     openssl ecparam -genkey -name secp384r1 -out client.key
+	//     openssl req -new -x509 -sha256 -key client.key -out client.crt -days 3650
+	//
+	config := tls.Config{}
+	cert, err := tls.LoadX509KeyPair("example/client/client.crt", "example/client/client.key")
+	if err != nil {
+		log.Fatal(err)
+	}
+	config.Certificates = append(config.Certificates, cert)
+	client.TLSConfig = config
+}
+
 func makeRequest(url string) {
 	resp, err := client.Request(url)
 	if err != nil {
-- 
cgit v1.2.3