A reverse proxy that is able to add signature header to all received request and forward the request to the actual server.
Steps:
- Git-clone the repository.
- Depending on the remote server you are trying to access, you might need to set values of environment variables using
exportcommand or by creating./.envfile. - Run
docker-compose up. - (Optional) if your tools need to verify SSL/TLS certificate, then 'locally' trust the generated CA Certificate in
./config/frontend-transport/ca.crt. On the other hand, you can also replace or regenerate all keys inside./config/{frontend-transport,signature}directory, for example in case you want to use your own CA Certificate. Just make sure to restart the services afterwards. - Distribute the public key in
./config/signature/pubkey.pemto the admin of the remote server you are trying to access in case it needs to verify the signature for all HTTP requests.
Note that you can use the httpsig-frproxy to sign any request to any host (even the one that does not verify the signature), as long as you can send the request to the proxy (e.g. by rewriting the IP Address of the Domain inside /etc/hosts file to IP where httpsig-frproxy is reachable)