commit 8f92728352341b64822b0a31c7cc0474f30f527d
parent 7b2354eb63c673ed6db6c8886233edac31e6ed27
Author: parazyd <parazyd@dyne.org>
Date: Wed, 10 Jul 2019 02:02:04 +0200
Add usage explanations to README.
Diffstat:
1 file changed, 19 insertions(+), 0 deletions(-)
diff --git a/README.md b/README.md
@@ -41,3 +41,22 @@ Usage of ./tlstun:
-verifyclient
Do client verification
```
+
+tlstun supports two different ways of multiplexing, one being normal TLS
+proxying, and the other being TLS proxying with client certificate
+authentication.
+
+
+### Without client verification
+
+Start tlstun with `-cert` and `-key`, and it will simply provide a TLS
+forward to its destination with the given TLS certificate.
+
+
+### With client verification
+
+With client verification, start tlstun with `-cacert`, `-cert`, `-key`,
+and `-verifyclient` and it will do client certificate verification. This
+means it will only allow access from clients providing a certificate
+signed by the CA certificate that is being loaded/used with tlstun on
+startup with `-cacert`.
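Review bot: In the "With client verification" section, the four flags `-cacert`, `-cert`, `-key` and `-verifyclient` are listed together, but the text does not say what happens when `-verifyclient` is given without `-cacert`, or `-cacert` without `-verifyclient`. Since this is the mode that restricts access, the README should state whether tlstun refuses to start or proxies without authentication in those cases. The "Without client verification" section could likewise say outright that any client able to reach the listener is forwarded. In the opening paragraph, "two different ways of multiplexing" does not match what follows, which describes a TLS forward to one destination; "two modes of operation" would read more accurately. A one-line example invocation under each heading would make the section usable on its own, and the doubled blank `+` lines before each `###` heading can be reduced to one.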