Support password protected private keys

[chrisr-cs]

Currently the private key can be specified with '--key' but the password cannot be provided for it (unless I have missed an option).

Would it be possible to support private key files that are password protected by adding an argument for the password?

Thank-you.

[csstaub]

Have you tried it with the keystore password flag?

I believe we propagate that here:
https://github.com/ghostunnel/ghostunnel/blob/master/certloader/keystore.go#L75
https://github.com/ghostunnel/ghostunnel/blob/master/certloader/certigo.go#L37

Internally keystores and PEM files are treated almost the same; we turn keystores into PEM before loading.

[chrisr-cs]

I tried with an encrypted key and using the storepass flag:
ghostunnel server --listen IP:PORT --target localhost:PORT --key ~/private_key_enc.pem --cert ~/cert.pem --disable-authentication --storepass password

The output was:
starting ghostunnel in server mode
using cert/key files on disk as certificate source
error: unable to load certificates: tls: failed to parse private key
error: tls: failed to parse private key

Note that the private key was encrypted using:
openssl rsa -aes256 -in private_key.pem -out private_key_enc.pem