Search the Community
Showing results for tags 'ssl encryption'.
Found 4 results
-
Hello, New user here with a similar problem, big fan of the service so far. It would help me if this could be dummied down a little. Similarly to OP, this setup works for regular http: webserver > airvpn? > airdns > user Goal: I would like to be able to accomplish this with https (webserver > airvpn? > airdns > cloudflare hostname > user) where each phase is encrypted. Problem: I am unable to register a certificate using the records in the background section. I think I misunderstood what you meant Background: My webserver (cosmos server) expects a hostname and allows you to use letsecrypt with your hostname (and it's subdomains) to encrypt connections with tls. Their documentation has you open a port on your router, then point your domain to your router with these records: A my.domain.here my.ip.address.numbers CNAME * my.domain.here It was working in this configuration. But in an effort to increase security (not a fan of opening up my router to attacks), I'd like to use port-forwarding instead. From the information in this thread I've ended up with these DNS records: CNAME my.domain.here subdomain.airdns.org CNAME * my.domain.here I am requesting a certificate for my.domain.here and it's subdomains (*.my.domain.here). Error: When I try to register a certificate I get this error: cloudflare: failed to find zone airdns.org.: ListZonesContext command failed: Invalid request headers (6003) Googling this error has not turned up many good results, but the error makes sense, I don't own your domain! Questions: First off, is this setup what you meant? Second, is there a way I can change my records to get past this error? Finally, do I need this at all? I can disable https all together but am not clear of the security ramifications (maybe your tls connection with the user is enough).
-
I have a local Server permanently connected to Airvpn over wireguard. Now I want to access the installed Nextcloud from the internet with SSL Encryption. I use an apache2 webserver. I opened a port and I can access it over http. But I don't know how to configure it over https. https://airdns.org/ has a Let's encrypt certificate, but in my nexcloud.conf I know only how to use a local certificate. So how can I point the webserver to use the certificate from airdns.org?
-
Hello everyone, Since some time now, whenever I open a SSL connection via Eddie, the connection is made with the server and Eddie stays connected, but only until data starts being transferred, for example when I type 'google.com' in my browser's address bar. Then it immediately disconnects, and tries to recover the connection (no use, because the recovered connection has the same issue). Any ideas how to solve this? SSL gives me the best connection as my provider caps most other protocols. I'm using Manjaro Linux and Eddie 2.16.3,
-
Greetings, First off i'd like to thank the AirVPN support staff for their personal responses to my emails and not some form letter they could have copy pasted like most company's do now a days ( they actually have intelligent people on the other end who are willing to provide you with support ) and secondly YOU the brave people who have chosen to Encrypt their data rather then allow their ISP/Government free open access to YOUR data ( give them an inch and they'll take a mile things are only going to get worse ) This will be a quick and dirty method of how I got the latest version of Stunnel and OpenVPN working with AirVPN for Windows 10 incase your ISP is like mine and throttles OpenVPN UDP/TCP traffic and SSL Tunneling is the only solution you have remaining. Now onto the HOWTO: ** For the purposes of this HOWTO the path to Stunnel will be known as " Stunnel folder " which is located at C:\users\YOURUSERNAMEINWINDOWS\appdata\local\Stunnel in Windows 10** 1) Download the latest version of Stunnel https://www.stunnel.org/downloads.html < stunnel-5.28-installer.exe > is the version if you want for windows. 2) Download the latest version of OpenVPN https://openvpn.net/index.php/open-source/downloads.html < openvpn-install- 2.3.10-I601-x86_64.exe > is the version if you want for windows 64bit. 3) Install Stunnel and OpenVPN from their .exe files 4) Goto the AirVPN website and download a config with SSL enabled under advanced to your favorite AirVPN server, once you've downloaded the .zip version or all the files independently place them in your Stunnel\Config folder located at Stunnel folder also copy all the contents of the Stunnel\bin folder into your Stunnel\Config folder ( ya I know its sloppy but it worked for me ) 5) Edit the Stunnel.conf file and remark out all the Gmail code with ; at the begging of each line: Example: [gmail-pop3] client = yes accept = 127.0.0.1:110 connect = pop.gmail.com:995 verify = 2 CAfile = ca-certs.pem checkHost = pop.gmail.com OCSPaia = yes Should now look like this:;[gmail-pop3];client = yes;accept = 127.0.0.1:110;connect = pop.gmail.com:995;verify = 2;CAfile = ca-certs.pem;checkHost = pop.gmail.com;OCSPaia = yes One this is done edit your AirVPN .SSL file that you downloaded and copy the code into the bottom of the Stunnel.conf file once done save. 6) Run Stunnel and you shouldn't receive any error messages like " can't load config file " you should see something like this Threading:WIN32 Sockets:SELECT,IPv6 TLS:ENGINE,FIPS,OCSP,PSK,SNIReading configuration from file stunnel.confUTF-8 byte order mark detectedFIPS mode disabledInitializing service [openvpn]Configuration successful 7) Copy the downloaded AirVPN config files into your OpenVPN\Config folder mine was located in C:\Program files\OpenVPN\Config once this is done and you have your Stunnel connected to AirVPN's servers open the OpenVPN GUI right click on the icon and select your AirVPN profile and hit connect ! Hopefully this quick and dirty HOWTO will help others who may want an alternative to the AirVPN client ( theirs nothing wrong with the AirVPN client I just wanted an alternative ). Cheers ! Ps, if you found this HOWTO helpful and you wish to show your appreciation kindly think about making a nominal donation to your local animal rescue shelter in the form of dry/wet food or volunteering your time with the lost / sick and abused animals.