mtlsproxy

Simple mTLS reverse proxy to handle mTLS with client

Stars
0
Committers
2
View Code on GitHub
Ecosystems: Go

mTLS Proxy

This is a simple Mutual TLS (mTLS) reverse proxy that handles mTLS with the client.

Clone the Server

% git clone https://github.com/grokify/mtlsproxy
% cd mtlsproxy

Generate Key and Certificate

Create test keys and certificates for server and client usage in non-interactive mode with 1 day expiration.

% openssl req -x509 -newkey rsa:4096 -keyout server_key.pem -out server_cert.pem -sha256 -days 1 -nodes -subj "/C=US/ST=California/L=Silicon Valley/O=Local/OU=Host/CN=localhost"
% openssl req -x509 -newkey rsa:4096 -keyout client_key.pem -out client_cert.pem -sha256 -days 1 -nodes -subj "/C=US/ST=California/L=Silicon Valley/O=Local/OU=Host/CN=client"

Ref: https://stackoverflow.com/a/10176685/1908967

Configure and Start Server

% export MTLSP_SERVER_KEY_PATH=server_key.pem
% export MTLSP_SERVER_CERT_PATH=server_cert.pem
% export MTLSP_CLIENT_CA_PATHS=client_cert.pem
% export MTLSP_UPSTREAM_URL=http://example.com
% export MTLSP_PORT=8080
% go run main.go
2024/03/26 07:36:57 listen:  [::]:8080

Make mTLS Request using cURL

% curl --cert client_cert.pem --key client_key.pem --cacert server_crt.pem  https://localhost:8080

Returns page from http://example.com.

References

  1. https://pkg.go.dev/net/http/httputil#ReverseProxy
  2. https://gist.github.com/JalfResi/6287706
  3. https://github.com/habibiefaried/mtls-tcp-proxy/tree/main
  4. https://github.com/picatz/mtls-proxy
  5. https://stackoverflow.com/questions/76684798/proxy-server-in-go-using-existing-net-conn
  6. https://stackoverflow.com/questions/35390726/confirm-tls-certificate-while-performing-reverseproxy-in-golang
  7. https://blog.joshsoftware.com/2021/05/25/simple-and-powerful-reverseproxy-in-go/
  8. https://medium.com/trendyol-tech/golang-ile-custom-reverse-proxy-yapmak-7a4198fe86fc
  9. https://stackoverflow.com/questions/63899700/how-to-stop-showing-target-url-in-reverseproxy-in-golang-using-newsinglehostreve
  10. https://stackoverflow.com/questions/54385164/golang-reverse-proxy-multiple-target-urls-without-appending-subpaths
  11. https://stackoverflow.com/questions/23164547/golang-reverseproxy-not-working
  12. https://stackoverflow.com/questions/50694429/curl-with-client-certificate-authentication
  13. https://stackoverflow.com/questions/70207857/reverse-proxy-using-go-to-cloud-run-instance
  14. https://www.integralist.co.uk/posts/golang-reverse-proxy/
  15. https://github.com/picatz/mtls-proxy/blob/main/pkg/proxy/server.go
  16. https://www.reddit.com/r/golang/comments/zdsgon/octoproxy_simple_tcptls_proxy_support_mutual/
  17. https://smallstep.com/hello-mtls/doc/combined/go/nginx-proxy
  18. https://smallstep.com/hello-mtls/doc/client/curl
  19. https://medium.com/@brucifi/working-with-tls-client-certificates-f67437a9aeb9
  20. https://downey.io/notes/dev/curl-using-mutual-tls/
Package Rankings
Top 7.48% on Proxy.golang.org
Related Projects
goproxy

An HTTP proxy library for Go

22 Mar 2012 6,019
udig

public-key addressed TCP tunnel broker

27 Nov 2018 50
go-tls-mutual-auth

SSL/TLS mutual authentication example in Go, and layer 4 (tcp) load balancing

07 Dec 2015 30
goproxy

A global proxy for Go modules.

31 Aug 2018 5,798
ssl-proxy

Simple zero-config SSL reverse proxy with real autogenerated certificates (LetsEncrypt, self-sign...

12 Aug 2018 732
tcpprox

Simple TCP proxy. Allows you to intercept/inspect TCP traffic.

10 Mar 2016 104
tls_proxy

A lightweight reverse proxy server that converts TLS traffic to TCP, allowing secure communicatio...

16 Aug 2024 65
revsocks

Reverse SOCKS5 implementation in Go

04 Oct 2019 321
forward-cli

A command-line tool to reverse proxy any server. 快速反向代理任何网站

24 Dec 2021 33
mtls-go-example

Simple example using mutual TLS authentication with a Golang server

18 Dec 2017 154
go-mitmproxy

mitmproxy implemented with golang. 用 Golang 实现的中间人攻击(Man-in-the-middle),解析、监测、篡改 HTTP/HTTPS 流量。

25 Nov 2020 1,208