From 3271a50bdb0f735af835509afae059d607752a31 Mon Sep 17 00:00:00 2001
From: ginuerzh <ginuerzh@gmail.com>
Date: Sat, 19 May 2018 12:05:23 +0800
Subject: [PATCH] support custom cert/key files to initialize the default
 certificate

---
 cmd/gost/cfg.go  |  9 +++++++--
 cmd/gost/main.go | 19 ++++++++++++-------
 2 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/cmd/gost/cfg.go b/cmd/gost/cfg.go
index 9031775..2241b58 100644
--- a/cmd/gost/cfg.go
+++ b/cmd/gost/cfg.go
@@ -17,13 +17,18 @@ import (
 	"github.com/ginuerzh/gost"
 )
 
+var (
+	defaultCertFile = "cert.pem"
+	defaultKeyFile  = "key.pem"
+)
+
 // Load the certificate from cert and key files, will use the default certificate if the provided info are invalid.
 func tlsConfig(certFile, keyFile string) (*tls.Config, error) {
 	if certFile == "" {
-		certFile = "cert.pem"
+		certFile = defaultCertFile
 	}
 	if keyFile == "" {
-		keyFile = "key.pem"
+		keyFile = defaultKeyFile
 	}
 	cert, err := tls.LoadX509KeyPair(certFile, keyFile)
 	if err != nil {
diff --git a/cmd/gost/main.go b/cmd/gost/main.go
index dd99707..23665f1 100644
--- a/cmd/gost/main.go
+++ b/cmd/gost/main.go
@@ -57,15 +57,20 @@ func init() {
 }
 
 func main() {
-	// generate random self-signed certificate.
-	cert, err := gost.GenCertificate()
+	// NOTE: as of 2.6, you can use custom cert/key files to initialize the default certificate.
+	config, err := tlsConfig(defaultCertFile, defaultKeyFile)
 	if err != nil {
-		log.Log(err)
-		os.Exit(1)
-	}
-	gost.DefaultTLSConfig = &tls.Config{
-		Certificates: []tls.Certificate{cert},
+		// generate random self-signed certificate.
+		cert, err := gost.GenCertificate()
+		if err != nil {
+			log.Log(err)
+			os.Exit(1)
+		}
+		config = &tls.Config{
+			Certificates: []tls.Certificate{cert},
+		}
 	}
+	gost.DefaultTLSConfig = config
 
 	for _, route := range routes {
 		if err := route.serve(); err != nil {