search

mislav / hub

A command-line tool that makes git easier to use with GitHub.
https://hub.github.com/
MIT License
22.84k stars 2.2k forks source link

Support client certificates for GitHub Enterprise #1494

Open brandur opened 7 years ago

brandur commented 7 years ago

This is a bit of a special snowflake situation, but our GitHub Enterprise has been configured with an additional layer of security whereby a client certificate needs to be sent along with all requests to it.

I've built support for this and am wondering if I could possibly send it upstream. Would you be open to a patch that allows hub to support this through either something like a configuration option or an environmental variable?

My proposed interface would be a little like how client certificates are sent in cURL, probably requiring that a certificate and private key are stacked into a single PEM-encoded file (with possible PKCS#12 support through golang.org/x/crypto/pkcs12). It might be better as environmental variable given how few people are going to ever need this (a little like configuring a proxy).

Any thoughts? Thanks!

mislav commented 7 years ago

Thanks for addressing this. I think a configuration option would be the best. Something like this in ~/.config/hub:

example.com:
- user: mislav
  oauth_token: PERSONAL_ACCESS_TOKEN
  protocol: https
  client_certificate: /path/to/cert.pem

A PR for this would be most welcome!

brandur commented 7 years ago

Thanks for the response and guidance @mislav! I still need to clean up my diff into something patch-worthy, but I wanted to acknowledge that I still plan to do this.