tlsgate

TLS proxy
git clone git://git.akobets.xyz/tlsgate
Log | Files | Refs | README | LICENSE

tlsgate.1 (1802B)


      1 .TH TLSGATE 1
      2 .SH NAME
      3 tlsgate - TLS proxy
      4 .SH SYNOPSIS
      5 .B tlsgate
      6 -s/-S [-h host] [-p port] [-u file] [-H host] [-P port] [-U file]
      7 [-c cert] [-k key] [-C ca] [-t timeout] [-v]
      8 .SH DESCRIPTION
      9 .B tlsgate
     10 is a TLS proxy.
     11 It takes incoming client connections and redirects them to a server:
     12 
     13   client -> proxy -> server
     14 
     15 It can be configured which side of the connection uses TLS: client or server.
     16 .SH OPTIONS
     17 .TP
     18 .B -s
     19 Client side is TLS side.
     20 .TP
     21 .B -S
     22 Server side is TLS side.
     23 .TP
     24 .B -h host
     25 Proxy hostname.
     26 .TP
     27 .B -p port
     28 Proxy port number.
     29 .TP
     30 .B -u file
     31 Proxy UNIX domain socket path. Can not be used with -s.
     32 .TP
     33 .B -H host
     34 Server hostname.
     35 .TP
     36 .B -P port
     37 Server port number.
     38 .TP
     39 .B -U file
     40 Server UNIX domain socket path. Can not be used with -S.
     41 .TP
     42 .B -c cert
     43 Path to public certificate. Required with -s.
     44 .TP
     45 .B -k key
     46 Path to private key. Required with -s.
     47 .TP
     48 .B -C ca
     49 Path to CA root certificates.
     50 .TP
     51 .B -t timeout
     52 Connection timeout (in seconds). Default is 30. 0 means no timeout.
     53 Default makes sure hanging client connections are removed.
     54 Setting this to 0 is useful if you do not want connections to timeout,
     55 for example if you're setting up TLS support for an IRC client (see EXAMPLES).
     56 .TP
     57 .B -v
     58 Print version number and exit.
     59 .SH EXAMPLES
     60 Setup an HTTPS server: accept connections on port 443 and pass them to a local HTTP server on port 80.
     61 
     62 $ tlsgate \\
     63     -s \\
     64     -h 0.0.0.0 \\
     65     -p 443 \\
     66     -H 0.0.0.0 \\
     67     -P 80 \\
     68     -c /etc/path/to/cert/cert.pem \\
     69     -k /etc/path/to/key/key.pem
     70 
     71 Use TLS with an IRC client that does not support it (client is connecting to /tmp/irc.sock).
     72 Timeout is set to 0 so proxy does not timeout.
     73 
     74 $ tlsgate \\
     75     -S \\
     76     -u /tmp/irc.sock \\
     77     -H irc.server.com \\
     78     -P 6697 \\
     79     -t 0
     80 .SH AUTHOR
     81 Artem Kobets <artem@akobets.xyz>