GitProxy HTTPS support

[msagi]

Is your feature request related to a problem? Please describe.
GitProxy supports HTTP only for the git proxy interface. HTTP communication is not encrypted and therefore not secure to send sensitive information through.

Describe the solution you'd like
Add HTTPS support to the git proxy interface to increase overall security of the solution.

Describe alternatives you've considered
Running GitProxy locally only, so communication does not leave localhost... but this severely limits the usability of GitProxy as an enterprise gateway to open source hubs.

[maoo]

@msagi - I've played a bit on this and got something to work; let me explain.

Adding HTTPS support to express is trivial, so trivial that fits in a screenshot 😄

The certificates were generated with one command:

openssl req -x509 -newkey rsa:4096 -keyout certs/key.pem -out certs/cert.pem -sha256 -days 3650 -nodes -subj "/C=US/ST=NY/L=New York/O=FINOS/OU=CTI/CN=localhost"

Of course, the path to certificates should be stored in (and fetched from) proxy.config.json, but that's a simple change.

In order to test it locally, using self-signed certificates, you'll have to add -c http.sslVerify=false to the git clone command; in the docs it's also worth mentioning that in a production environment it's probably best (and even easier) to delegate HTTPS to a reverse proxy like HAProxy or Nginx.

If you like what you see, I can work on a proper PR, with docs changes and proper configuration.

Eager to hear your feedback!

[maoo]

@msagi - here's the code #558 ; I also invited you as a Git Proxy Contributor (a GitHub Team), to grant you Triage permissions , so that I can set you as PR reviewer.

[JamieSlome]

@maoo @msagi - #558 has been merged 👍 Are we happy to close this issue?