Final changes

mrunix00 · Jul 3, 2024 · d984282 · d984282
1 parent 877a9e0
commit d984282
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 21 deletions.
diff --git a/README.md b/README.md
@@ -2,22 +2,21 @@
 A forward proxy with support for TLS Tunneling and caching with redis.
 
 ## How to use
-1. Optional: To avoid annoying OpenSSL error messages in HTTPS websites, create a self-signed certificate and load it to your system.
+1. Create a self-signed certificate.
 ```bash
 openssl req -new -newkey rsa:2048 -days 3650 -nodes -x509 -keyout myCA.key -out myCA.pem
 ```
-You'll be asked to fill in some information, but you can leave it blank if you want except for the "Common Name", this should have the same value as the hostname of the HTTPS website you want to cache.
-Then load the certificate to your system.
+2. Optional: Load the certificate to your local system.
 ```bash
 sudo cp myCA.pem /etc/pki/ca-trust/source/anchors/
 sudo update-ca-trust
 ```
 
-2. Build the docker image.
+3. Build the docker image.
 ```bash
 docker build -t stargate-proxy .
 ```
-3. Create a docker compose file with the following content and change it to your needs.
+4. Create a docker compose file with the following content and change it to your needs.
 ```yaml
 version: '3.7'
 services:

diff --git a/main.go b/main.go
@@ -31,17 +31,11 @@ func handleHttpsTunneling(w http.ResponseWriter, r *http.Request, rdb *redis.Cli
 	}
 
 	// Create a TLS connection
-	var certificates []tls.Certificate
-	var getCertificate func(*tls.ClientHelloInfo) (*tls.Certificate, error)
-	if config.cert != nil {
-		certificates = append(certificates, *config.cert)
-		getCertificate = func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
-			return config.cert, nil
-		}
-	}
 	clientTLSConfig := &tls.Config{
-		Certificates:       certificates,
-		GetCertificate:     getCertificate,
+		Certificates: []tls.Certificate{*config.cert},
+		GetCertificate: func(info *tls.ClientHelloInfo) (*tls.Certificate, error) {
+			return config.cert, nil
+		},
 		InsecureSkipVerify: true,
 	}
 	clientTLSConn := tls.Server(srcConn, clientTLSConfig)

diff --git a/utils.go b/utils.go
@@ -74,13 +74,18 @@ func getConfiguration() (*Configuration, error) {
 
 	certFilePath := os.Getenv("SP_CERT_FILE")
 	keyFilePath := os.Getenv("SP_KEY_FILE")
-	if len(certFilePath) != 0 && len(keyFilePath) != 0 {
-		cert, err := tls.LoadX509KeyPair(certFilePath, keyFilePath)
-		if err != nil {
-			return nil, fmt.Errorf("failed to load certificate and/or key: %s", err.Error())
-		}
-		config.cert = &cert
+	if len(certFilePath) == 0 {
+		return nil, fmt.Errorf("SP_CERT_FILE environment variable is not set")
+	}
+	if len(keyFilePath) == 0 {
+		return nil, fmt.Errorf("SP_KEY_FILE environment variable is not set")
 	}
+	cert, err := tls.LoadX509KeyPair(certFilePath, keyFilePath)
+	if err != nil {
+		return nil, fmt.Errorf("failed to load certificate and/or key: %s", err.Error())
+	}
+	config.cert = &cert
+
 	return &config, nil
 }