Chrome SSL, Brave SSL, concepts, misc edits

site/source/support/user-manual/configuration/lan-setup/lan-browser/lan-brave.rst

@@ -24,16 +24,23 @@ Brave
         :width: 60%
         :alt: Brave Security settings page
 
-#. If you see a trusted “Embassy Local Root CA”, open a new tab to apply the certificate. If this does not work, quit and restart Brave.
+#. If you **EITHER** see "org-Start9" with a trusted “Embassy Local Root CA” listed under it, open a new tab to apply the certificate. If this does not work, quit and restart Chrome.
+
+    **OR**
+
+#. If you do not see "org-Start9"in the list, ensure the certificate is properly set up on your computer system.  Otherwise, click “Import” and open the downloaded ``Embassy Local Root CA.crt`` file on your device. If you cannot find this, make sure you completed the :ref:`device setup steps <lan-os>`.
 
-#. If you do not see a trusted “Embassy Local Root CA” certificate in the list, ensure the certificate is properly set up on your computer system.
 
     .. figure:: /_static/images/ssl/browser/brave_view_certs.svg
         :width: 60%
         :alt: Brave Manage Certificates sub-menu on MacOS
 
+    Check the box for "Trust this certificate for identitying websites" and click "OK"
+
 #. Obtain the LAN address that was provided at the end of your initial Embassy setup, or from the :ref:`Embassy tab<embassy-tab>` -> ``About`` (Under ``Insights``) and enter it in a new tab.
 
-#. You can now securely navigate to your Embassy over HTTPS!
+    .. tip:: You may need to restart the browser
 
-.. note:: Additionally, you can start a Brave private window with Tor to visit the Tor address over HTTPS (unnecessary in principle, but will circumvent annoying browser warnings).
+#. You will see a green padlock and ``https://`` to the left of the URL bar.  You can now securely navigate to your Embassy on your :ref:`LAN<lan>` with :ref:`HTTPS<ssl>`!
+
+.. note:: Additionally, you can start a Brave private window with Tor to visit the Tor address over HTTPS (unnecessary in principle, but will circumvent annoying browser warnings).

site/source/support/user-manual/configuration/lan-setup/lan-browser/lan-chrome.rst

@@ -4,8 +4,46 @@
 Chrome
 ======
 
-#. Once you have followed the steps to setup your device, open a new tab to apply the certificate. If this does not work, quit and restart Chrome.
+.. caution:: You will first need to complete :ref:`LAN Setup<lan-os>` for your device before continuing.
 
-#. Obtain the LAN address provided in the Setup App and enter it in the URL bar.
+.. tip:: The following guide also works with Chromium and Vivaldi.
 
-#. You can now securely navigate to your Embassy over HTTPS!
+#. Open a new tab in Chrome and navigate to ``chrome://settings/certificates``.
+
+    .. figure:: /_static/images/ssl/browser/chrome_settings.svg
+        :width: 60%
+        :alt: Chrome Certificates Settings page
+
+#. Click on the "Authorities" tab.
+
+    .. figure:: /_static/images/ssl/browser/chrome_authorities.svg
+        :width: 60%
+        :alt: Chrome Certificate Authorities page
+
+#. You will **EITHER** see "org-Start9" with a trusted “Embassy Local Root CA” listed under it,
+
+    .. figure:: /_static/images/ssl/browser/chrome_s9ca.svg
+        :width: 60%
+        :alt: Start9 Certificate Authority
+
+    in which case, open a new tab to apply the certificate. If this does not work, quit and restart Chrome.
+
+    **OR**
+
+#. If you do not see "org-Start9"in the list, ensure the certificate is properly set up on your computer system.  Otherwise, click “Import” and open the downloaded ``Embassy Local Root CA.crt`` file on your device. If you cannot find this, make sure you completed the :ref:`device setup steps <lan-os>`.
+
+    .. figure:: /_static/images/ssl/browser/chrome_trust.svg
+        :width: 60%
+        :alt: Trust the CA
+
+    Check the box for "Trust this certificate for identitying websites" and click "OK"
+
+#. Obtain the LAN address that was provided at the end of your initial Embassy setup, or from the :ref:`Embassy tab<embassy-tab>` -> ``About`` (Under ``Insights``) and enter it in a new tab.
+
+    .. tip:: You may need to restart the browser
+
+    .. figure:: /_static/images/ssl/browser/chrome_https.svg
+        :width: 60%
+        :alt: Success
+
+#. You will see a green padlock and ``https://`` to the left of the URL bar.  You can now securely navigate to your Embassy on your :ref:`LAN<lan>` with :ref:`HTTPS<ssl>`!

site/source/support/user-manual/configuration/lan-setup/lan-browser/lan-ff.rst

@@ -22,7 +22,7 @@ Firefox
 
 #. Select the "Authorities" tab from the "Certificate Manager".
 
-#. Click “Import” and open the downloaded *Embassy Local Root CA.crt* file on your device. If you cannot find this, make sure you completed the :ref:`device setup steps <ssl-setup>`.
+#. Click “Import” and open the downloaded ``Embassy Local Root CA.crt`` file on your device. If you cannot find this, make sure you completed the :ref:`device setup steps <ssl-setup>`.
 
 #. When prompted, check “Trust this CA to identity websites” and select “OK”.
 

site/source/support/user-manual/configuration/tor-setup/tor-os/tor-linux.rst

@@ -30,7 +30,7 @@ Linux
 
                 sudo systemctl restart tor
 
-    .. group-tab:: Arch / Manjaro / Garuda
+    .. group-tab:: Arch / Garuda / Manjaro
 
         Simply install Tor with:
 

site/source/support/user-manual/tuning/advanced-config/ssh-tor.rst

@@ -4,6 +4,8 @@
 SSH Over Tor
 ============
 
+.. warning:: This is an advanced feature and should be used with caution. Start9 is not responsible for any damage you might cause while using SSH access.
+
 .. note:: The following guide requires that you have already added an `SSH key to your Embassy<ssh-setup>`.
 
 This is currently only supported on Linux, but may work on Windows with `Torifier <https://torifier.com/>`_.
@@ -21,7 +23,7 @@ Setup
 
                 apt install torsocks
 
-        .. group-tab:: Arch / Manjaro / Garuda
+        .. group-tab:: Arch / Garuda / Manjaro
 
             .. code-block:: bash
 
@@ -33,7 +35,7 @@ Setup
 
         ssh root@embassy-xxxxxxx.local
 
-#. Add the following 2 lines to ``/etc/tor/torrc`` **EITHER** by using your preferred text editor:
+#. Add the following 2 lines to ``/etc/tor/torrc`` **EITHER** by using your preferred text editor (such as ``nano`` or ``vim``):
 
     ``HiddenServiceDir /var/lib/tor/ssh``
     ``HiddenServicePort 22 127.0.0.1:22``