added ssl admin

README.md

@@ -186,6 +186,9 @@ portspoof-py [OPTIONS]
 | `--admin-port PORT` | disabled | Start the web admin interface on this port. |
 | `--admin-host HOST` | `127.0.0.1` | Address the admin interface binds to. Set to `0.0.0.0` to expose it on all interfaces (protect with a firewall). |
 | `--admin-passwd FILE` | `admin.passwd` | File containing `username:password` on a single line. Required when `--admin-port` is used. |
+| `--admin-ssl` | off | Serve the admin interface over HTTPS. |
+| `--admin-ssl-cert FILE` | `admin.crt` | TLS certificate PEM file. If the file does not exist it is auto-generated as a self-signed cert (requires `openssl` on PATH). |
+| `--admin-ssl-key FILE` | `admin.key` | TLS private key PEM file. Auto-generated alongside the cert if missing. |
 | `--email-config FILE` | `email.json` | JSON file where email alert settings are stored. Created automatically when you first save settings from the admin UI. |
 
 ---
@@ -354,6 +357,24 @@ echo "admin:changeme" > admin.passwd
 
 The file must contain a single line in `username:password` format. Pass a custom path with `--admin-passwd FILE`.
 
+### HTTPS / TLS
+
+Add `--admin-ssl` to serve the interface over HTTPS:
+
+```bash
+sudo python3 -m portspoof_py \
+    -p 4444 -s tools/portspoof_signatures \
+    --admin-port 8080 --admin-ssl
+```
+
+On first run, a self-signed certificate (`admin.crt` / `admin.key`) is generated automatically using `openssl`. Your browser will show an untrusted-certificate warning — add an exception or use a real cert.
+
+To use your own certificate:
+
+```bash
+--admin-ssl --admin-ssl-cert /etc/ssl/mycert.pem --admin-ssl-key /etc/ssl/mykey.pem
+```
+
 ### Dashboard — `GET /`
 
 A dark-themed HTML page that auto-refreshes every 5 seconds. Sections: