Start9/documentation
2
0
Fork 0
mirror of https://github.com/Start9Labs/documentation.git synced 2026-03-26 10:21:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

update windows bonjour install; number formatting

Browse Source
This commit is contained in:
Lucy Cifferello
2021-03-22 13:32:25 -06:00
parent e543a4eb3a
commit 80bdad6cfb
3 changed files with 158 additions and 153 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
source/user-manual/general/lan-setup/browser.rst
View File

@@ -6,87 +6,84 @@ Browser
.. warning:: Make sure you have completed setup on your :ref:`device <ssl-setup>` before continuing!
.. note::
Some browsers (such as Firefox) may emit a "Warning: Potential Security Risk Ahead". This is because the SSL Certificate issued from your Embassy is not from a registered certificate authority. Usually, this warning is a valid concern, but in the case of accessing a service over LAN from your Embassy, select "Advanced" and "Accept the Risk and Continue".
.. _brave:
Brave
=====
1. Navigate to your Brave Settings in a new tab.
#. Navigate to your Brave Settings in a new tab.
2. On the left hand sidebar, navigate to *Additional Settings > Privacy and Security*.
#. On the left hand sidebar, navigate to *Additional Settings > Privacy and Security*.
3. Add the bottom of the section, select "Manage Certificates".
#. Add the bottom of the section, select "Manage Certificates".
.. figure:: /_static/images/ssl/browser/brave_security_settings.png
:width: 90%
:alt: Brave privacy and security settings page
.. figure:: /_static/images/ssl/browser/brave_security_settings.png
:width: 90%
:alt: Brave privacy and security settings page
4. If you see a trusted “Embassy Local Root CA”, open a new tab to apply the certificate. If this does not work, quit and restart Brave.
#. If you see a trusted “Embassy Local Root CA”, open a new tab to apply the certificate. If this does not work, quit and restart Brave.
5. If you do not see a trusted “Embassy Local Root CA” certificate in the list, ensure the certificate is properly set up on your computer system.
#. If you do not see a trusted “Embassy Local Root CA” certificate in the list, ensure the certificate is properly set up on your computer system.
.. figure:: /_static/images/ssl/browser/brave_view_certs.png
:width: 90%
:alt: Brave Manage Certificates sub-menu on MacOS
.. figure:: /_static/images/ssl/browser/brave_view_certs.png
:width: 90%
:alt: Brave Manage Certificates sub-menu on MacOS
6. Obtain the LAN address provided in the Setup App and enter it in a new tab.
#. Obtain the LAN address provided in the Setup App and enter it in a new tab.
7. You can now securely navigate to your Embassy over HTTPS!
#. You can now securely navigate to your Embassy over HTTPS!
8. Additionally, you can start a Brave private window with Tor to visit the Tor address over HTTPS (unnecessary in principle, but will circumvent annoying browser warnings).
#. Additionally, you can start a Brave private window with Tor to visit the Tor address over HTTPS (unnecessary in principle, but will circumvent annoying browser warnings).
.. _chrome:
Chrome
======
1. Once you have followed the steps to setup your device, open a new tab to apply the certificate. If this does not work, quit and restart Chrome.
#. Once you have followed the steps to setup your device, open a new tab to apply the certificate. If this does not work, quit and restart Chrome.
2. Obtain the LAN address provided in the Setup App and enter it in the URL bar.
#. Obtain the LAN address provided in the Setup App and enter it in the URL bar.
3. You can now securely navigate to your Embassy over HTTPS!
#. You can now securely navigate to your Embassy over HTTPS!
.. _firefox:
Firefox
========
1. Navigate to your Firefox Settings in a new tab.
#. Navigate to your Firefox Settings in a new tab.
2. Select “Privacy and Security” from the left hand navigation menu.
#. Select “Privacy and Security” from the left hand navigation menu.
3. Scroll all the way to the bottom of the page and select “View Certificates”.
#. Scroll all the way to the bottom of the page and select “View Certificates”.
.. figure:: /_static/images/ssl/browser/firefox_security_settings.png
:width: 90%
:alt: Firefox security settings
.. figure:: /_static/images/ssl/browser/firefox_security_settings.png
:width: 90%
:alt: Firefox security settings
Firefox privacy and security settings page
Firefox privacy and security settings page
4. Select the "Authorities" tab from the "Certificate Manager".
#. Select the "Authorities" tab from the "Certificate Manager".
5. Click “Import” and open the downloaded *Embassy Local Root CA.crt* file on your device. If you cannot find this, make sure you completed the :ref:`device setup steps <ssl-setup>`.
#. Click “Import” and open the downloaded *Embassy Local Root CA.crt* file on your device. If you cannot find this, make sure you completed the :ref:`device setup steps <ssl-setup>`.
6. When prompted, check “Trust this CA to identity websites” and select “OK”.
#. When prompted, check “Trust this CA to identity websites” and select “OK”.
.. figure:: /_static/images/ssl/browser/firefox_security_settings.png
:width: 90%
:alt: Firefox import cert
.. figure:: /_static/images/ssl/browser/firefox_security_settings.png
:width: 90%
:alt: Firefox import cert
Firefox import certificate page
Firefox import certificate page
7. Ensure the “Embassy Local Root CA” exists under “Start9 Labs”.
#. Ensure the “Embassy Local Root CA” exists under “Start9 Labs”.
8. Click “OK” to save.
#. Click “OK” to save.
9. Open a new tab in Firefox to apply the changes. If this does not work, quit and restart Firefox.
#. Open a new tab in Firefox to apply the changes. If this does not work, quit and restart Firefox.
10. Navigate to the LAN address provided in the Setup App.
#. Navigate to the LAN address provided in the Setup App.
11. You can now securely navigate to your Embassy over HTTPS!
#. You can now securely navigate to your Embassy over HTTPS!
.. _safari:

206
source/user-manual/general/lan-setup/desktop.rst
View File

@@ -8,172 +8,180 @@ Operating Systems
MacOS
-----
1. Visit your Embassy at its Tor Address.
#. Visit your Embassy at its Tor Address.
2. Navigate to --> Embassy --> Connect Over LAN
#. Navigate to --> Embassy --> Connect Over LAN
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
Select the "Connect over LAN" menu item
Select the "Connect over LAN" menu item
3. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
#. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
Select the "Root Certificate Authority" sub menu
Select the "Root Certificate Authority" sub menu
4. Select the option to open your key with Keychain Access. If you choose to save file, double click on it once downloaded.
#. Select the option to open your key with Keychain Access. If you choose to save file, double click on it once downloaded.
.. figure:: /_static/images/secure_lan_setup_prompt.png
:width: 90%
:alt: LAN setup prompt
.. figure:: /_static/images/secure_lan_setup_prompt.png
:width: 90%
:alt: LAN setup prompt
Open with "Keychain Access" and select "OK"
Open with "Keychain Access" and select "OK"
5. Enter your computer password when prompted. It will be imported into your computers keychain.
#. Enter your computer password when prompted. It will be imported into your computers keychain.
.. figure:: /_static/images/ssl/macos/certificate_untrusted.png
:width: 90%
:alt: Keychain access import menu
.. figure:: /_static/images/ssl/macos/certificate_untrusted.png
:width: 90%
:alt: Keychain access import menu
Keychain access import menu
Keychain access import menu
If the keychain console did not open, press "Command + spacebar" and type “Keychain Access”, and hit enter to open it.
#. If the keychain console did not open, press "Command + spacebar" and type “Keychain Access”, and hit enter to open it.
6. Navigate to the "System" tab and find the certificate entitled “Embassy Local Root CA”.
#. Navigate to the "System" tab and find the certificate entitled “Embassy Local Root CA”.
7. Double click on this certificate. A second window will pop up.
#. Double click on this certificate. A second window will pop up.
8. Open the “Trust” dropdown and select “Always Trust” from the dropdown next to “when using this certificate”.
#. Open the “Trust” dropdown and select “Always Trust” from the dropdown next to “when using this certificate”.
.. figure:: /_static/images/ssl/macos/always_trust.png
:width: 90%
:alt: Keychain submenu
.. figure:: /_static/images/ssl/macos/always_trust.png
:width: 90%
:alt: Keychain submenu
Select "Always trust" under SSL dropdown for Embassy Local CA
Select "Always trust" under SSL dropdown for Embassy Local CA
9. Close this window and enter your password to apply the settings.
#. Close this window and enter your password to apply the settings.
10. The “Embassy Local Root CA” cert will now read “This certificate is marked as trusted for all users” in Keychain Access.
#. The “Embassy Local Root CA” cert will now read “This certificate is marked as trusted for all users” in Keychain Access.
.. figure:: /_static/images/ssl/macos/certificate_trusted.png
:width: 90%
:alt: Keychain menu trusted certificate
.. figure:: /_static/images/ssl/macos/certificate_trusted.png
:width: 90%
:alt: Keychain menu trusted certificate
Trusted Embassy Local CA certificate
Trusted Embassy Local CA certificate
11. Open to your favorite browser to import this certificate and follow the steps for :ref:`supported browsers <browsers>`.
#. Open to your favorite browser to import this certificate and follow the steps for :ref:`supported browsers <browsers>`.
Windows
-------
1. Install `Bonjour Print Services <https://support.apple.com/kb/DL999>`_ on your Windows machine. This is necessary in order to visit .local addresses on Windows.
#. Install `Bonjour Print Services <https://support.apple.com/kb/DL999>`_ on your Windows machine. This is necessary in order to visit .local addresses on Windows.
#. If you are having issues running Bonjour after installing, you might have had Bonjour previously installed. To fix:
2. Visit your Embassy at its Tor Address.
#. Check out this video: https://www.youtube.com/watch?v=9ECCB3bqNDQ
#. UNinstall Bonjour completely via ``system settings -> remove programs``
#. Reinstall Bonjour Printer Driver package (download at https://support.apple.com/kb/DL999?locale=en_US)
#. Restart Windows
#. Note: Uninstalling Bonjour via the setup package seems to be not enough to solve the issue. Bonjour must be uninstalled via windows system settings.
#. Visit your Embassy at its Tor Address.
3. Navigate to --> Embassy --> Connect Over LAN
#. Navigate to --> Embassy --> Connect Over LAN
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
.. figure:: /_static/images/embassy_lan_setup.png
:width: 90%
:alt: LAN setup menu item
Select the "Connect over LAN" menu item
Select the "Connect over LAN" menu item
4. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
#. Select the "Root Certificate Authority" sub menu. This will prompt a download to save the certificate file to your machine.
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
.. figure:: /_static/images/secure_lan_setup_page.png
:width: 90%
:alt: LAN setup page
Select the "Root Certificate Authority" sub menu download icon
Select the "Root Certificate Authority" sub menu download icon
5. Select the option to save the *Embassy Local CA.crt* file.
#. Select the option to save the *Embassy Local CA.crt* file.
.. figure:: /_static/images/ssl/windows/windows_download_cert.png
:width: 90%
:alt: LAN setup prompt
.. figure:: /_static/images/ssl/windows/windows_download_cert.png
:width: 90%
:alt: LAN setup prompt
"Save file" when Opening Embassy Local CA.crt
"Save file" when Opening Embassy Local CA.crt
6. On your computer, right-click the “Start” menu and select “Run”.
#. On your computer, right-click the “Start” menu and select “Run”.
7. Type in “mmc” and click “OK”. When prompted on the “User Account Control” window, select “Yes” to allow this program to run.
#. Type in “mmc” and click “OK”. When prompted on the “User Account Control” window, select “Yes” to allow this program to run.
.. figure:: /_static/images/ssl/windows/1_windows_mmc.png
:width: 90%
:alt: Windows MMC
.. figure:: /_static/images/ssl/windows/1_windows_mmc.png
:width: 90%
:alt: Windows MMC
Access the Windows Management Console
Access the Windows Management Console
8. When the Management Console opens, navigate to *File > Add/Remove Snap-in*.
#. When the Management Console opens, navigate to *File > Add/Remove Snap-in*.
.. figure:: /_static/images/ssl/windows/2_windows_console_root.png
:width: 90%
:alt: Windows Console Root
.. figure:: /_static/images/ssl/windows/2_windows_console_root.png
:width: 90%
:alt: Windows Console Root
Add Snap-in from Console Root
Add Snap-in from Console Root
9. Select “Certificates” in the left side menu, then “Add”. This will open another window.
#. Select “Certificates” in the left side menu, then “Add”. This will open another window.
.. figure:: /_static/images/ssl/windows/3_windows_add_certificates.png
:width: 90%
:alt: Add Certificates
.. figure:: /_static/images/ssl/windows/3_windows_add_certificates.png
:width: 90%
:alt: Add Certificates
Add Certificates to selected snap-ins
Add Certificates to selected snap-ins
10. Select “Computer account” and click “Next. Leave defaulted options on the next screen and click “Finish”.
#. Select “Computer account” and click “Next. Leave defaulted options on the next screen and click “Finish”.
11. When you return to the “Add or Remove Snap-ins” page, ensure “Certificates (Local Computer)” exists under “Console Root” in the “Selected snap-ins” section, then click “OK”.
#. When you return to the “Add or Remove Snap-ins” page, ensure “Certificates (Local Computer)” exists under “Console Root” in the “Selected snap-ins” section, then click “OK”.
.. figure:: /_static/images/ssl/windows/4_windows_selected_snapin.png
:width: 90%
:alt: Snap-in Selected
.. figure:: /_static/images/ssl/windows/4_windows_selected_snapin.png
:width: 90%
:alt: Snap-in Selected
Certificates (Local Computer) is selected as snap-in
Certificates (Local Computer) is selected as snap-in
12. In the left hand menu of the Management Console, navigate to Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates.
#. In the left hand menu of the Management Console, navigate to Certificates (Local Computer) > Trusted Root Certification Authorities > Certificates.
.. figure:: /_static/images/ssl/windows/5_windows_trusted_certificate_menu.png
:width: 90%
:alt: Certificates in Management Console
.. figure:: /_static/images/ssl/windows/5_windows_trusted_certificate_menu.png
:width: 90%
:alt: Certificates in Management Console
Access Certificates in Management Console
Access Certificates in Management Console
13. Right click on “Certificates”, then navigate to *All Tasks > Import*.
#. Right click on “Certificates”, then navigate to *All Tasks > Import*.
.. figure:: /_static/images/ssl/windows/6_windows_import_cert.png
:width: 90%
:alt: Import certificate
.. figure:: /_static/images/ssl/windows/6_windows_import_cert.png
:width: 90%
:alt: Import certificate
Select "Import" from Certificates sub-menu
Select "Import" from Certificates sub-menu
14. Click “Next” on the first page of the Certificate Import Wizard, then browse to the location where you saved the downloaded certificate and click “Open”.
#. Click “Next” on the first page of the Certificate Import Wizard, then browse to the location where you saved the downloaded certificate and click “Open”.
.. figure:: /_static/images/ssl/windows/7_windows_import_cert_wizard.png
:width: 90%
:alt: Import cert wizard
.. figure:: /_static/images/ssl/windows/7_windows_import_cert_wizard.png
:width: 90%
:alt: Import cert wizard
Add downloaded certificate int he Certificate Import Wizard
Add downloaded certificate int he Certificate Import Wizard
15. On the “Certificate Store” window, ensure that it says “Trusted Root Certificate Authorities” and click “Next”.
#. On the “Certificate Store” window, ensure that it says “Trusted Root Certificate Authorities” and click “Next”.
16. Select “OK” when the import is successful.
#. Select “OK” when the import is successful.
17. Verify the Embassy Local Root CA certificate is in the “Certificates” folder.
#. Verify the Embassy Local Root CA certificate is in the “Certificates” folder.
.. figure:: /_static/images/ssl/windows/8_windows_successful_cert_install.png
:width: 90%
:alt: Successful cert install
.. figure:: /_static/images/ssl/windows/8_windows_successful_cert_install.png
:width: 90%
:alt: Successful cert install
Embassy Local Root CA imported into Certificate folder
Embassy Local Root CA imported into Certificate folder
18. You can save the settings to the console if desired or cancel.
#. You can save the settings to the console if desired or cancel.
#. Open to your favorite browser to import this certificate and follow the steps for :ref:`supported browsers <browsers>`.
19. Open to your favorite browser to import this certificate and follow the steps for :ref:`supported browsers <browsers>`.
Linux
-----