ngrok使用https进行访问

 

转自:https://github.com/inconshreveable/ngrok/blob/master/docs/SELFHOSTING.md#4-run-the-server

1. Get an SSL certificate

ngrok provides secure tunnels via TLS, so you'll need an SSL certificate. Assuming you want to create tunnels on *.example.com, buy a wildcard SSL certificate for *.example.com. Note that if you don't need to run https tunnels that you don't need a wildcard certificate. (In fact, you can just use a self-signed cert at that point, see the section on that later in the document).

2. Modify your DNS

You need to use the DNS management tools given to you by your provider to create an A record which points *.example.com to the IP address of the server where you will run ngrokd.

3. Compile it

You can compile an ngrokd server with the following command:

make release-server

Make sure you compile it with the GOOS/GOARCH environment variables set to the platform of your target server. Then copy the binary over to your server.

4. Run the server

You'll run the server with the following command.

./ngrokd -tlsKey="/path/to/tls.key" -tlsCrt="/path/to/tls.crt" -domain="example.com"

Specifying your TLS certificate and key

ngrok only makes TLS-encrypted connections. When you run ngrokd, you'll need to instruct it where to find your TLS certificate and private key. Specify the paths with the following switches:

-tlsKey="/path/to/tls.key" -tlsCrt="/path/to/tls.crt"

Setting the server's domain

When you run your own ngrokd server, you need to tell ngrokd the domain it's running on so that it knows what URLs to issue to clients.

-domain="example.com"

5. Configure the client

In order to connect with a client, you'll need to set two options in ngrok's configuration file. The ngrok configuration file is a simple YAML file that is read from ~/.ngrok by default. You may specify a custom configuration file path with the -config switch. Your config file must contain the following two options.

server_addr: example.com:4443
trust_host_root_certs: true

Substitute the address of your ngrokd server for "example.com:4443". The "trust_host_root_certs" parameter instructs ngrok to trust the root certificates on your computer when establishing TLS connections to the server. By default, ngrok only trusts the root certificate for ngrok.com.

6. Connect with a client

Then, just run ngrok as usual to connect securely to your own ngrokd server!

ngrok 80

ngrokd with a self-signed SSL certificate

It's possible to run ngrokd with a a self-signed certificate, but you'll need to recompile ngrok with your signing CA. If you do choose to use a self-signed cert, please note that you must either remove the configuration value for trust_host_root_certs or set it to false:

trust_host_root_certs: false

Special thanks @kk86bioinfo, @lyoshenka and everyone in the thread https://github.com/inconshreveable/ngrok/issues/84for help in writing up instructions on how to do it:

https://gist.github.com/lyoshenka/002b7fbd801d0fd21f2f https://github.com/inconshreveable/ngrok/issues/84

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值