Add openssl cert generation procedure to README.

2012-02-02 07:05:55 -06:00 · 2012-02-02 07:05:55 -06:00 · 8e95f18f99
parent 27ec5cff89
commit 8e95f18f99
1 changed files with 14 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -17,6 +17,20 @@ encoding must used to encapsulate the data within UTF-8. Websockify
 uses base64 to encode all traffic to and from the client. This does
 not affect the data between websockify and the server.

+### Encrypted WebSocket connections (wss://)
+
+To encrypt the traffic using the WebSocket 'wss://' URI scheme you
+need to generate a certificate for websockify to load. By default websockify
+loads a certificate file name `self.pem` but the `--cert=CERT` option can
+override the file name. You can generate a self-signed certificate using
+openssl. When asked for the common name, use the hostname of the server where
+the proxy will be running:
+
+```
+openssl req -new -x509 -days 365 -nodes -out self.pem -keyout self.pem
+```
+
+
 ### Websock Javascript library