Comment by 🕹️ skyjake

=> Re: "Hi from Gem2Browser" | In: u/swee

Where are the client certificates (their private keys) stored? For security purposes, it would be wise to keep them on the user's local machine.

=> 🕹️ skyjake [sysop]

Jan 15 · 4 days ago

9 Later Comments ↓

=> 😺 swee [OP] · Jan 15 at 05:59:

The certificates uploaded to the server will be stored persistently on the server, if it were generated, the server would store it, and make the client download both the private key and chain in zip form.

=> 😺 swee [OP] · Jan 15 at 06:01:

The name of the certificate (which would be a UUID) is stored in a cookie (locally)

=> 😺 swee [OP] · Jan 15 at 21:58:

I might make it store the cert & privkey in cookies some time

=> 💎 pista · Jan 17 at 17:50:

I was about to work on something like this. Glad someone already did it.

It’s a good way to solve the problem of enabling Gemini access from older systems without modern SSL if you don’t mind the security holes that come from running it on port 80 behind basic http auth.

=> 😺 swee [OP] · Jan 17 at 19:28:

@pista yeah, I mainly made this because there isn't a great way to universally use Gemini (Especially when I use Alpine Linux and old android versions)

Plus, it just feels easier/comfortable to access gemini from my regular browser instead of some client I have to learn to use.

=> 💎 pista · Jan 18 at 00:01:

Is it currently in a working state? I tried installing and am getting what appears to be error related to hypercorn and flask:

[2025-01-17 18:56:02 -0500] [276399] [ERROR] Error in ASGI Framework

Traceback (most recent call last):

File "/usr/lib/python3/dist-packages/hypercorn/asyncio/task_group.py", line 21, in _handle

await invoke_asgi(app, scope, receive, send)

File "/usr/lib/python3/dist-packages/hypercorn/utils.py", line 242, in invoke_asgi

asgi_instance = app(scope)

TypeError: Flask.call() missing 1 required positional argument: 'start_response'

=> 😺 swee [OP] · 12 hours ago:

@pista Yes, it is working for me. Weird, I never had an error like this...

I'm currently using Flask version 3.0.2 and hypercorn version 0.14 (provided by Ubuntu)

Update: I made a workflow to test my webserver, it uses the latest Hypercorn & Flask ver, but it seems to work fine

=> — ref: Forgejo action runs

=> 💎 pista · 7 hours ago:

That’s probably the problem. My server is on jammy and has the last version of flask.

Ho hum. Guess I need to go ahead with writing my own version in something with easier requirements.

=> 😺 swee [OP] · 6 hours ago:

@pista I made an update that requires the manual use of the hypercorn command, you can try using the webserver using hypercorn --bind=0.0.0.0:2009 server:app and it should work properly

Original Post

=> 😺 swee

Hi from Gem2Browser — I added a feature to my HTTP to Gemini that can load client certs! :3

=> 💬 10 comments · 1 like · Jan 15 · 4 days ago