### Intro

The plan is to create a pair of executables (`ngrok` and `ngrokd`) that are connected with a self-signed SSL cert. Since the client and server executables are paired, you won't be able to use any other `ngrok` to connect to this `ngrokd`, and vice versa.

### DNS

Add two DNS records: one for the base domain and one for the wildcard domain. For example, if your base domain is `domain.com`, you'll need a record for that and for `*.domain.com`.

### On Server

MAKE SURE YOU SET `NGROK_DOMAIN` BELOW. Set it to the base domain, not the wildcard domain.

```
NGROK_DOMAIN="my.domain.com"
git clone https://github.com/inconshreveable/ngrok.git
cd ngrok

openssl genrsa -out rootCA.key 2048
openssl req -x509 -new -nodes -key rootCA.key -subj "/CN=$NGROK_DOMAIN" -days 1024 -out rootCA.pem
openssl genrsa -out device.key 2048
openssl req -new -key device.key -subj "/CN=$NGROK_DOMAIN" -out device.csr
openssl x509 -req -in device.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out device.crt -days 500

cp rootCA.pem assets/client/tls/ngrokroot.crt
# make clean
make release-server release-client
```

Copy `bin/ngrok` to whatever computer you want to connect from. Then start the server:

```
bin/ngrokd -tlsKey=device.key -tlsCrt=device.crt -domain="$NGROK_DOMAIN" -httpAddr=":8000" -httpsAddr=":8001"
```


### On Client

MAKE SURE YOU SET `NGROK_DOMAIN` BELOW. Set it to the base domain, not the wildcard domain.

```
NGROK_DOMAIN="my.domain.com"
echo -e "server_addr: $NGROK_DOMAIN:4443\ntrust_host_root_certs: false" > ngrok-config
./ngrok -config=ngrok-config -proto=tcp 22
```