mirror of
https://github.com/Start9Labs/documentation.git
synced 2026-03-26 02:11:55 +00:00
update windows and linux ca guides
This commit is contained in:
Matt Hill
@@ -11,14 +11,6 @@ This guide applies to Firefox, Firefox ESR, Librewolf, and Thunderbird. Mozilla
|
||||
|
||||
#. Ensure you have already :ref:`trusted your server's Root CA<ca-linux>`
|
||||
|
||||
#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
|
||||
|
||||
#. Search for ``security.enterprise_roots.enabled`` and set it to ``true``:
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/enterprise_roots_enabled_true.png
|
||||
:width: 80%
|
||||
:alt: Firefox security settings
|
||||
|
||||
#. Select your distribution below and follow instructions:
|
||||
|
||||
.. tabs::
|
||||
|
||||
@@ -3,55 +3,89 @@
|
||||
==============================
|
||||
Configuring Firefox on Windows
|
||||
==============================
|
||||
.. caution:: This guide assumes you have completed :ref:`setting up Tor<tor-windows>`. Please visit this section first before you proceed as it is required for Firefox to properly work with Tor.
|
||||
Here you will configure Firefox to securely resolve the .local and .onion URLs of your server and installed services.
|
||||
|
||||
#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that may appear about accessing advanced settings.
|
||||
Local
|
||||
-----
|
||||
|
||||
#. Search for ``dom.securecontext.allowlist_onions`` and set the value to "true":
|
||||
#. Ensure you have already :ref:`trusted your server's Root CA<ca-mac>`
|
||||
|
||||
#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
|
||||
|
||||
#. Search for ``security.enterprise_roots.enable``, set it to ``true``.
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/enterprise_roots_enabled_true.png
|
||||
:width: 80%
|
||||
:alt: Firefox security settings
|
||||
|
||||
#. Restart Firefox
|
||||
|
||||
#. When you visit your server URL using ``https``, you should see this symbol indicating a secure connection:
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/firefox-https-good.png
|
||||
:width: 80%
|
||||
:alt: Firefox security settings
|
||||
|
||||
#. If you see an exclamation point inside a triangle by the lock, it means you previously made a security exception in the browser. You will need to remove the exception by clicking the lock -> Connection not secure -> Remove Exception.
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/cert-trust-exception-remove-1.png
|
||||
:width: 80%
|
||||
:alt: Firefox - Remove security exception (Part 1)
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/cert-trust-exception-remove-2.png
|
||||
:width: 80%
|
||||
:alt: Firefox - Remove security exception (Part 2)
|
||||
|
||||
Tor
|
||||
---
|
||||
#. Ensure you have already :ref:`set up Tor<tor-mac>`
|
||||
|
||||
#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
|
||||
|
||||
#. Search for ``dom.securecontext.allowlist_onions`` and set the value to ``true``:
|
||||
|
||||
.. figure:: /_static/images/tor/firefox_allowlist.png
|
||||
:width: 60%
|
||||
:alt: Firefox whitelist onions screenshot
|
||||
:width: 60%
|
||||
:alt: Firefox whitelist onions screenshot
|
||||
|
||||
#. Next, search for ``network.websocket.allowInsecureFromHTTPS`` and set the value to ``true``:
|
||||
#. Search for ``network.websocket.allowInsecureFromHTTPS`` and set the value to ``true``:
|
||||
|
||||
.. figure:: /_static/images/tor/firefox_insecure_websockets.png
|
||||
:width: 60%
|
||||
:alt: Firefox allow insecure websockets over https
|
||||
:width: 60%
|
||||
:alt: Firefox allow insecure websockets over https
|
||||
|
||||
#. Download a *Proxy Auto Config* file to inform Firefox how to use the Tor daemon running on your computer. You can get Start9's standard file by following instructions below:
|
||||
|
||||
- Click `here <https://start9.com/assets/proxy.pac>`_ to get the file and save the file somewhere you will not delete it. Remember where you save the file. For this example:
|
||||
#. Download a ``Proxy Auto Config`` file to inform Firefox how to use the Tor daemon running on your computer. Click `here <https://start9.com/assets/proxy.pac>`_ to get the one offered by Start9 and save it somewhere you will not delete it. Remember where you save the file. For this example:
|
||||
|
||||
.. code-block::
|
||||
|
||||
C:\Program Files\Tor Browser\proxy.pac
|
||||
C:\Program Files\Tor Browser\proxy.pac
|
||||
|
||||
#. Now, back in your Firefox web browser, select "Settings" from the right-hand hamburger menu:
|
||||
#. Go to the right-hand hamburger menu and select ``Settings``:
|
||||
|
||||
.. figure:: /_static/images/tor/firefox_options_windows.png
|
||||
:width: 60%
|
||||
:alt: Firefox options screenshot
|
||||
.. figure:: /_static/images/tor/os_ff_settings.png
|
||||
:width: 30%
|
||||
:alt: Firefox options screenshot
|
||||
|
||||
#. Search for the term "proxy" in the search bar in the upper right, then select the button that says "Settings":
|
||||
#. Search for the term ``proxy`` in the search bar in the upper right and select ``Settings...``:
|
||||
|
||||
.. figure:: /_static/images/tor/firefox_search.png
|
||||
:width: 60%
|
||||
:alt: Firefox search screenshot
|
||||
:width: 60%
|
||||
:alt: Firefox search screenshot
|
||||
|
||||
#. This should open a menu that will allow you to configure your proxy settings. Select "Automatic proxy configuration URL" and paste in the path to your PAC file from earlier, prefixed with ``file://``. For example:
|
||||
#. Select ``Automatic proxy configuration URL`` and paste in the path to your PAC file from earlier, prefixed with ``file://``. For example:
|
||||
|
||||
.. code-block::
|
||||
|
||||
file://C:/Program Files/Tor Browser/proxy.pac
|
||||
file://C:/Program Files/Tor Browser/proxy.pac
|
||||
|
||||
#. Then, check the box labeled "Proxy DNS when using SOCKS v5":
|
||||
#. Check the box labeled ``Proxy DNS when using SOCKS v5``:
|
||||
|
||||
.. figure:: /_static/images/tor/firefox_proxy_windows.png
|
||||
:width: 60%
|
||||
:alt: Firefox proxy settings screenshot
|
||||
.. figure:: /_static/images/tor/firefox_proxy.png
|
||||
:width: 60%
|
||||
:alt: Firefox proxy settings screenshot
|
||||
|
||||
#. Click "OK" and then restart Firefox for the changes to take effect.
|
||||
#. Click ``OK`` and restart Firefox
|
||||
|
||||
#. You're all set! You should now be able to navigate to ".onion" URLs in Firefox. You can test this by going to Start9's ``.onion`` homepage, `here <http://privacy34kn4ez3y3nijweec6w4g54i3g54sdv7r5mr6soma3w4begyd.onion/>`__.
|
||||
#. Test that Firefox can resolve `.onion` URLs by visiting Start9's Tor website: http://privacy34kn4ez3y3nijweec6w4g54i3g54sdv7r5mr6soma3w4begyd.onion. If this does not work, go through this guide again, ensuring you followed every step, including the first which refers to another guide
|
||||
|
||||
#. You can now use the `.onion` URLs of your server and installed services
|
||||
|
||||
Reference in New Issue
Block a user