mirror of
https://github.com/Start9Labs/documentation.git
synced 2026-03-30 04:01:59 +00:00
clarify lan-tor setup
This commit is contained in:
Matt Hill
@@ -7,7 +7,7 @@ Complete this guide to trust your server's Root Certificate Authority (Root CA)
|
||||
|
||||
.. note:: This guide only applies to Android phones running Android v13+, as well as phones running CalyxOS, GrapheneOS, or LineageOS (v19+).
|
||||
|
||||
#. Ensure you have already `downloaded your server's Root CA </getting-started/trust-ca/#download-root-ca>`_
|
||||
#. Ensure you have already :ref:`downloaded your Root CA <download-root-ca>`
|
||||
|
||||
#. Tap **Settings > Security > More security settings > Encryption & credentials > Install a certificate > CA Certificate > Install Anyway** and select your custom-named ``adjective-noun.local.crt`` certificate.
|
||||
|
||||
|
||||
@@ -3,21 +3,20 @@
|
||||
==============================
|
||||
Configuring Firefox on Android
|
||||
==============================
|
||||
|
||||
Download `Firefox Beta <https://play.google.com/store/apps/details?id=org.mozilla.firefox_beta>`_ from the Play Store, or `Fennec <https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/>`_ from F-Droid.
|
||||
|
||||
.. caution:: You must use **Firefox Beta** on Android. Regular Firefox does not permit advanced configuration.
|
||||
|
||||
Local
|
||||
-----
|
||||
Local (required for initial setup)
|
||||
----------------------------------
|
||||
#. Ensure you have already :ref:`trusted your Root CA<ca-android>` on your Android device
|
||||
|
||||
#. Tap ``Kebab Menu > Settings > About Firefox`` and tap the Firefox icon 5 times to enable "developer mode"
|
||||
|
||||
#. Go back to ``Kebab Menu > Settings > Secret Settings`` (at the bottom), and tap ``Use third party CA certificates``
|
||||
|
||||
Tor
|
||||
---
|
||||
Tor (can be completed later)
|
||||
----------------------------
|
||||
#. Ensure you are already :ref:`running Tor<tor-android>` on your Android device
|
||||
|
||||
#. Download the `Proxy Auto Config` file that will use Orbot to resolve `.onion` URLs. We have one hosted `here <https://start9.com/assets/proxy.pac>`_
|
||||
|
||||
@@ -5,7 +5,7 @@ Trusting Your Server's Root CA on iOS
|
||||
=====================================
|
||||
Complete this guide to trust your server's Root Certificate Authority (Root CA) on iOS.
|
||||
|
||||
#. Ensure you have already `downloaded your server's Root CA </getting-started/trust-ca/#download-root-ca>`_
|
||||
#. Ensure you have already :ref:`downloaded your Root CA <download-root-ca>`
|
||||
|
||||
#. Open your iCloud Downloads folder and click on the certificate. It will display a dialog box that says "Profile Downloaded." Click `Close`.
|
||||
|
||||
|
||||
@@ -12,7 +12,7 @@ Trusting Your Server's Root CA on Linux
|
||||
|
||||
These instructions will work for most Debian-based Linux distributions, such as Debian, Linux Mint, PopOS, Ubuntu, etc.
|
||||
|
||||
#. Ensure you have already `downloaded your server's Root CA </getting-started/trust-ca/#download-root-ca>`_
|
||||
#. Ensure you have already :ref:`downloaded your Root CA <download-root-ca>`
|
||||
|
||||
#. Perform the following commands in the Terminal:
|
||||
|
||||
@@ -37,7 +37,7 @@ Trusting Your Server's Root CA on Linux
|
||||
|
||||
.. group-tab:: Arch/Garuda
|
||||
|
||||
#. Ensure you have already `downloaded your server's Root CA </getting-started/trust-ca/#download-root-ca>`_
|
||||
#. Ensure you have already :ref:`downloaded your Root CA <download-root-ca>`
|
||||
|
||||
#. From the folder you have downloaded your Start9 server's Root CA, run the following commands. Take care to replace `adjective-noun` with your server's unique adjective-noun combination in the command below. If you have changed the certificate's filename, be sure to change it here.
|
||||
|
||||
@@ -51,7 +51,7 @@ Trusting Your Server's Root CA on Linux
|
||||
|
||||
.. group-tab:: CentOS/Fedora
|
||||
|
||||
#. Ensure you have already `downloaded your server's Root CA </getting-started/trust-ca/#download-root-ca>`_
|
||||
#. Ensure you have already :ref:`downloaded your Root CA <download-root-ca>`
|
||||
|
||||
#. In `/etc/systemd/resolved.conf`, ensure you have ``MulticastDNS=Yes``
|
||||
|
||||
|
||||
@@ -5,12 +5,10 @@ Configuring Firefox on Linux
|
||||
============================
|
||||
Here you will configure Firefox to securely resolve the .local and .onion URLs of your server and installed services.
|
||||
|
||||
Local
|
||||
-----
|
||||
Local (required for initial setup)
|
||||
----------------------------------
|
||||
This guide applies to Firefox, Firefox ESR, Librewolf, and Thunderbird. Mozilla apps need to be configured to use the certificate store of your device. To find out why Mozilla does this differently, you can read their `blog post <https://blog.mozilla.org/security/2019/02/14/why-does-mozilla-maintain-our-own-root-certificate-store/>`_ on the topic (TLDR: for security purposes).
|
||||
|
||||
#. Ensure you have already :ref:`trusted your server's Root CA<ca-linux>`
|
||||
|
||||
#. Select your distribution below and follow instructions:
|
||||
|
||||
.. tabs::
|
||||
@@ -49,24 +47,8 @@ This guide applies to Firefox, Firefox ESR, Librewolf, and Thunderbird. Mozilla
|
||||
|
||||
#. Restart Firefox
|
||||
|
||||
#. When you visit your server URL using ``https``, you should see this symbol indicating a secure connection:
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/firefox-https-good.png
|
||||
:width: 80%
|
||||
:alt: Firefox security settings
|
||||
|
||||
#. If you see an exclamation point inside a triangle by the lock, it means you previously made a security exception in the browser. You will need to remove the exception by clicking the lock -> Connection not secure -> Remove Exception.
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/cert-trust-exception-remove-1.png
|
||||
:width: 80%
|
||||
:alt: Firefox - Remove security exception (Part 1)
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/cert-trust-exception-remove-2.png
|
||||
:width: 80%
|
||||
:alt: Firefox - Remove security exception (Part 2)
|
||||
|
||||
Tor
|
||||
---
|
||||
Tor (can be completed later)
|
||||
----------------------------
|
||||
#. Ensure you have already :ref:`set up Tor<tor-linux>`
|
||||
|
||||
#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
|
||||
|
||||
@@ -5,7 +5,7 @@ Trusting Your Server's Root CA on Mac
|
||||
=====================================
|
||||
Complete this guide to trust your server's Root Certificate Authority (Root CA) on Mac.
|
||||
|
||||
#. Ensure you have already `downloaded your server's Root CA </getting-started/trust-ca/#download-root-ca>`_
|
||||
#. Ensure you have already :ref:`downloaded your Root CA <download-root-ca>`
|
||||
|
||||
#. Locate your downloaded Root CA. Right click it and select *Show in Folder*:
|
||||
|
||||
|
||||
@@ -5,11 +5,8 @@ Configuring Firefox on Mac
|
||||
==========================
|
||||
Here you will configure Firefox to securely resolve the .local and .onion URLs of your server and installed services.
|
||||
|
||||
Local
|
||||
-----
|
||||
|
||||
#. Ensure you have already :ref:`trusted your server's Root CA<ca-mac>`
|
||||
|
||||
Local (required for initial setup)
|
||||
----------------------------------
|
||||
#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
|
||||
|
||||
#. Search for ``security.enterprise_roots.enable``, set it to ``true``.
|
||||
@@ -20,24 +17,8 @@ Local
|
||||
|
||||
#. Restart Firefox
|
||||
|
||||
#. When you visit your server URL using ``https``, you should see this symbol indicating a secure connection:
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/firefox-https-good.png
|
||||
:width: 80%
|
||||
:alt: Firefox security settings
|
||||
|
||||
#. If you see an exclamation point inside a triangle by the lock, it means you previously made a security exception in the browser. You will need to remove the exception by clicking the lock -> Connection not secure -> Remove Exception.
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/cert-trust-exception-remove-1.png
|
||||
:width: 80%
|
||||
:alt: Firefox - Remove security exception (Part 1)
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/cert-trust-exception-remove-2.png
|
||||
:width: 80%
|
||||
:alt: Firefox - Remove security exception (Part 2)
|
||||
|
||||
Tor
|
||||
---
|
||||
Tor (can be completed later)
|
||||
----------------------------
|
||||
#. Ensure you have already :ref:`set up Tor<tor-mac>`
|
||||
|
||||
#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
|
||||
|
||||
@@ -5,9 +5,9 @@ Trusting Your Server's Root CA on Windows
|
||||
=========================================
|
||||
Complete this guide to trust your server's Root Certificate Authority (Root CA) on Windows.
|
||||
|
||||
#. Ensure you have already `downloaded your server's Root CA </getting-started/trust-ca/#download-root-ca>`_
|
||||
#. Ensure you have already :ref:`downloaded your Root CA <download-root-ca>`
|
||||
|
||||
#. Ensure you have already `installed bonjour </getting-started/connecting-lan/#windows-only>`_
|
||||
#. Ensure you have already :ref:`installed bonjour <connecting-lan-windows>`
|
||||
|
||||
#. Click the “Start” menu, type “mmc”, and select "Run as administrator" to access the Windows Management Console.
|
||||
|
||||
|
||||
@@ -5,11 +5,8 @@ Configuring Firefox on Windows
|
||||
==============================
|
||||
Here you will configure Firefox to securely resolve the .local and .onion URLs of your server and installed services.
|
||||
|
||||
Local
|
||||
-----
|
||||
|
||||
#. Ensure you have already :ref:`trusted your server's Root CA<ca-mac>`
|
||||
|
||||
Local (required for initial setup)
|
||||
----------------------------------
|
||||
#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
|
||||
|
||||
#. Search for ``security.enterprise_roots.enable``, set it to ``true``.
|
||||
@@ -20,24 +17,8 @@ Local
|
||||
|
||||
#. Restart Firefox
|
||||
|
||||
#. When you visit your server URL using ``https``, you should see this symbol indicating a secure connection:
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/firefox-https-good.png
|
||||
:width: 80%
|
||||
:alt: Firefox security settings
|
||||
|
||||
#. If you see an exclamation point inside a triangle by the lock, it means you previously made a security exception in the browser. You will need to remove the exception by clicking the lock -> Connection not secure -> Remove Exception.
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/cert-trust-exception-remove-1.png
|
||||
:width: 80%
|
||||
:alt: Firefox - Remove security exception (Part 1)
|
||||
|
||||
.. figure:: /_static/images/ssl/browser/cert-trust-exception-remove-2.png
|
||||
:width: 80%
|
||||
:alt: Firefox - Remove security exception (Part 2)
|
||||
|
||||
Tor
|
||||
---
|
||||
Tor (can be completed later)
|
||||
----------------------------
|
||||
#. Ensure you have already :ref:`set up Tor<tor-mac>`
|
||||
|
||||
#. Open Firefox and enter ``about:config`` in the URL bar. Accept any warnings that appear
|
||||
|
||||
Reference in New Issue
Block a user