From a4e6fcd30140e3c1dc92f72310b94f0e8649418d Mon Sep 17 00:00:00 2001 From: Brandon Nozaki Miller Date: Sun, 27 Sep 2015 22:59:25 -0700 Subject: [PATCH] started documentation of tls/SSL --- README.md | 9 ++++++--- example/TLSSocket/readme.md | 24 ++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 3 deletions(-) create mode 100644 example/TLSSocket/readme.md diff --git a/README.md b/README.md index 7a76c77..fb28a6f 100644 --- a/README.md +++ b/README.md @@ -35,8 +35,9 @@ This work is licenced via the [DBAD Public Licence](http://www.dbad-license.org/ 4. [Basic Examples](#basic-examples) 1. [Server for Unix||Windows Sockets & TCP Sockets](#server-for-unix-sockets--tcp-sockets) 2. [Client for Unix||Windows Sockets & TCP Sockets](#client-for-unix-sockets--tcp-sockets) - 3. [Server & Client for UDP Sockets](#server--client-for-udp-sockets) - 4. [Raw Buffers or Binary Sockets](#raw-buffer-or-binary-sockets) + 3. [Working with TLS Servers & clients](https://github.com/RIAEvangelist/node-ipc/tree/master/example/TLSSocket) + 4. [Server & Client for UDP Sockets](#server--client-for-udp-sockets) + 5. [Raw Buffers or Binary Sockets](#raw-buffer-or-binary-sockets) 5. [Advanced Examples](https://github.com/RIAEvangelist/node-ipc/tree/master/example) 
@@ -210,7 +211,9 @@ or explicitly setting the path with callback `ipc.connectToNet(id,host,port,callback)` -Used to connect as a client to a TCP or TLS socket via the network card. This can be local or remote, if local, it is recommended that you use the Unix and Windows Socket Implementaion of `connectTo` instead as it is much faster since it avoids the network card altogether. +Used to connect as a client to a TCP or [TLS socket](https://github.com/RIAEvangelist/node-ipc/tree/master/example/TLSSocket) via the network card. This can be local or remote, if local, it is recommended that you use the Unix and Windows Socket Implementaion of `connectTo` instead as it is much faster since it avoids the network card altogether. + +For TLS and SSL Sockets see the [node-ipc TLS and SSL docs](https://github.com/RIAEvangelist/node-ipc/tree/master/example/TLSSocket). They have a few additional requirements, and things to know about and so have their own doc. | variable | required | definition | |----------|----------|------------| diff --git a/example/TLSSocket/readme.md b/example/TLSSocket/readme.md new file mode 100644 index 0000000..981a1ef --- /dev/null +++ b/example/TLSSocket/readme.md 
@@ -0,0 +1,24 @@ +# Using TLS and SSL for Secure node-ipc + +### document in progress +Still working on this. If you look at the examples and can help, please jump right in. + +#### important cli commands +- openssl genrsa -out server.key 2048 +- openssl req -new -x509 -key server.key -out server.pub -days 365 -config openssl.cnf +- talk about openssl.cnf edits + +#### using the local node-ipc certs +This should **ONLY** be done on your local machine. Both the public and private certs are available here on git hub, so its not a good idea to use them over the network. + +#### talk about security +- keep private keys private, don't shared + +#### talk about using hostname not ip for best security validation of certs + + +#### examples +- basic with default keys +- specikfying keys +- encrypted but venerable to man in the middle +- two way authenticated pub private
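Review bot: In the README.md table-of-contents hunk (@@ -35,8 +35,9 @@), the new entry 3 links to the absolute URL `https://github.com/RIAEvangelist/node-ipc/tree/master/example/TLSSocket` while the sibling entries use in-page anchors. A link pinned to the master tree shows master's docs even when someone is reading a fork or a tagged release; a relative link such as `example/TLSSocket` would follow the revision being viewed. The entry also reads "Servers & clients" where the neighbouring entries capitalise both nouns.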
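Review bot: In the `ipc.connectToNet` hunk (@@ -210,7 +211,9 @@), the added paragraph defers every TLS requirement to the new doc, but that doc is created in this same patch as "document in progress" with most sections still "talk about ..." placeholders, so the README now advertises TLS without stating a single requirement. Suggest carrying the one firm statement the new doc already makes (the bundled certs are for the local machine only) into this paragraph until the doc is complete. The rewritten line also keeps "Implementaion" and the comma splice "This can be local or remote, if local, ..."; since the line is being touched anyway, fix both here.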
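Review bot: In the new example/TLSSocket/readme.md, under "using the local node-ipc certs", the warning is too soft and imprecise for what it describes: a private key that is published in a public repository lets anyone who has cloned it impersonate the server, so "its not a good idea to use them over the network" should be a flat "never use them over the network", and "public and private certs" should say certificate and private key. Under "important cli commands", `-out server.pub` names the self-signed X.509 certificate produced by `req -new -x509` as if it were a bare public key, and `-config openssl.cnf` depends on edits this patch does not describe (the bullet "talk about openssl.cnf edits" is still a placeholder); rename the output file and list the required config changes. In the examples list, "venerable to man in the middle" should read "vulnerable", and that example should be labelled as insecure; also fix "git hub", "don't shared" and "specikfying".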