✨ Support pem format

README.md

@@ -105,6 +105,12 @@ You can download the Mediator Root Certificate by visit `http://<YOUR PC/MAC IP>
 > To prevent abuse of the same root certificate, each Mediator installation generates a different root certificate.  
 > You need reinstall the Mediator Root Certificate when you use different Mediator installation.
 
+> Tips:  
+> Mediator provide multi format of Root Certificate, you can choose the format you like.
+> - `/mediatorRoot.cer` - DER format
+> - `/mediatorRoot.crt` - PEM format
+> - `/mediatorRoot.pem` - PEM format
+
 #### Install Mediator Root Certificate for JDK
 
 JDK will not trust the Mediator Root Certificate by default even you install it to system.
@@ -114,6 +120,21 @@ You can find the JDK keystore file in `$JAVA_HOME/jre/lib/security/cacerts` or `
 Then import the Mediator Root Certificate to JDK cacerts file
 by `keytool -import -keystore $JAVA_HOME/lib/security/cacerts -file mediatorRoot.cer` command.
 
+#### Install Mediator Root Certificate for Android
+
+Download the Mediator Root Certificate in browser by visit `http://<YOUR PC/MAC IP>:8888/mediatorRoot.cer` on your
+Android device.
+
+Check [this guide](https://support.google.com/pixelphone/answer/2844832?hl=en) to install it to your device.
+
+#### Install Mediator Root Certificate for iOS
+
+gRPC ObjectC client will not trust the Mediator Root Certificate by default even you install it to system.
+
+You need pass the PEM format certificate to the `[GRPCCallOptions setPEMRootCertificates: cert]` method.
+
+Download the PEM format certificate by `http://<YOUR PC/MAC IP>:8888/mediatorRoot.pem`.
+
 ### Resolve messages
 
 Mediator support renders message as JSON tree if your server supports

core/src/main/kotlin/io/kanro/mediator/netty/frontend/EchoService.kt

@@ -7,17 +7,39 @@ import io.netty.handler.codec.http.HttpMethod
 import io.netty.handler.codec.http.HttpRequest
 import io.netty.handler.codec.http.HttpResponse
 import io.netty.handler.codec.http.HttpResponseStatus
+import org.bouncycastle.openssl.jcajce.JcaPEMWriter
+import java.io.StringWriter
+import java.nio.charset.Charset
 
 object EchoService {
     fun buildEchoResponse(context: ChannelHandlerContext, request: HttpRequest): HttpResponse {
-        if (request.method() == HttpMethod.GET && request.uri() == "/mediatorRoot.cer") {
+        if (request.method() == HttpMethod.GET) {
             val support = context.channel().attr(GrpcProxySupport.KEY).get()
             val certificate = support.getCertificateAuthority()
-            return DefaultFullHttpResponse(
-                request.protocolVersion(),
-                HttpResponseStatus.OK,
-                context.alloc().buffer().writeBytes(certificate.encoded).retain()
-            )
+            when (request.uri()) {
+                "/mediatorRoot.cer" -> {
+                    return DefaultFullHttpResponse(
+                        request.protocolVersion(),
+                        HttpResponseStatus.OK,
+                        context.alloc().buffer().writeBytes(certificate.encoded).retain()
+                    )
+                }
+
+                "/mediatorRoot.pem", "/mediatorRoot.crt" -> {
+                    val writer = StringWriter()
+                    JcaPEMWriter(writer).apply {
+                        writeObject(certificate)
+                        flush()
+                        close()
+                    }
+                    return DefaultFullHttpResponse(
+                        request.protocolVersion(),
+                        HttpResponseStatus.OK,
+                        context.alloc().buffer().writeBytes(writer.toString().toByteArray(Charset.defaultCharset()))
+                            .retain()
+                    )
+                }
+            }
         }
 
         val body = html {