![]() Next, open the certificate in the app, enter the Trust section, and under When using this certificate select Always Trust. After opening this, drag the certificate into the app. This can be found under Application/Utilities/Keychain Access.app. On macOS, you can add your certificate by using the Keychain Access program. You can launch that by running the command: certmgr.msc On Windows, you would add your certificate by using the Certificate Manager. On Ubuntu, you can update your local CA store with the certificate by running the following commands: sudo cp ~/.hetty/hetty_cert.pem /usr/local/share/ca-certificates/hetty.crt In order for your browser to allow traffic to the local Hetty proxy, you may need to install these certificates to your local CA store. hetty -key key.pem -cert cert.pem Trusting the CA certificate Otherwise, you can specify the location of these as arguments to hetty. You can move them here and hetty will detect them automatically. The default location which hetty will check for the key and CA certificate is under ~/.hetty/, at hetty_key.pem and hetty_cert.pem respectively. Openssl req -newkey rsa:2048 -new -nodes -x509 -days 31 -keyout ~/.hetty/hetty_key.pem -out ~/.hetty/hetty_cert.pem You can start off by generating a new key and CA certificate which will both expire after a month. You should now have a key and certificate located at ~/.hetty/hetty_key.pem and ~/.hetty/hetty_cert.pemrespectively. To generate a default key and certificate with hetty, simply run the command with no arguments hetty Hetty will generate the default key and certificate on its own if none are supplied or found in ~/.hetty/ when first running the CLI. The first is suggested for any beginners trying to get started. The alternative is using OpenSSL to generate them, which provides more control over expiration time and cryptography used, but requires you install the OpenSSL tooling. The first is bundled directly with Hetty, and simplifies the process immensely. You can generate a CA keypair two different ways. This process was done on a Linux machine but should provide guidance on Windows and macOS as well. The following steps will cover how you can generate your certificate, provide them to hetty, and how you can install them in your local CA store. Furthermore, the CA certificate may need to be installed to the host for them to be trusted by your browser. In order for Hetty to proxy requests going to HTTPS endpoints, a root CA certificate for Hetty will need to be set up. Projects directory path (default "~/.hetty/projects")ĭetailed documentation is under development and will be available soon. Creates a new CA private key if file doesn't exist (default "~/.hetty/hetty_key.pem") Creates a new CA certificate is file doesn't exist (default "~/.hetty/hetty_cert.pem")ĬA private key filepath. TCP address to listen on, in the form "host:port" (default ":8080")ĬA certificate filepath. ![]() To start, ensure hetty (downloaded from a release, or manually built) is in your $PATH and run: $ hettyĪn overview of configuration flags: $ hetty -h hetty directory under the user’s home directory ( $HOME on Linux/macOS, %USERPROFILE% on Windows). When Hetty is run, by default it listens on :8080 and is accessible via Depending on incoming HTTP requests, it either acts as a MITM proxy, or it serves the API and web interface.īy default, project database files and CA certificates are stored in a. $ docker run -v $HOME/.hetty:/root/.hetty -p 8080:8080 dstotijn/hetty Usage For persistent storage of CA certificates and project databases, mount a volume: $ mkdir -p $HOME/.hetty go file with go.rice beforehand.Ĭlone the repository and use the build make target to create a binary: $ git clone cd hettyĪ Docker image is available on Docker Hub: dstotijn/hetty. Additionally, the static resources for the admin interface (Next.js) need to be generated via Yarn and embedded in a. Hetty depends on SQLite (via mattn/go-sqlite3) and needs cgo to compile.
0 Comments
Leave a Reply. |