chika0801 / sing-box-examples

sing-box configuration examples
https://github.com/SagerNet/sing-box

Command to create ssl certificate. To install vmess ws and vless ws #40

Closed Ley-VN closed 10 months ago

Ley-VN commented 10 months ago

As title. Can you provide instructions on how to install and configure an example for vless ws

chika0801 commented 10 months ago

{
    "inbounds": [
        {
            "type": "vless",
            "listen": "127.0.0.1",
            "listen_port": 8001,
            "users": [
                {
                    "uuid": "chika"
                }
            ],
            "transport": {
                "type": "ws",
                "path": "chika", // HTTP request path
                "max_early_data": 2048,
                "early_data_header_name": "Sec-WebSocket-Protocol" // For compatibility with Xray-core, set this to Sec-WebSocket-Protocol
            }
        }
    ],
    "outbounds": [
        {
            "type": "direct"
        }
    ]
}

It's server-side. Is that what you're asking about?

chika0801 commented 10 months ago

xxx + ws

xxx + ws + tls

In addition to being able to use it via a CDN, in mainland China, though, there are a number of people who use it. But I don't recommend using it in mainland China. The reason is that RPRX mentioned, and I've heard feedback from others, that there is a downside to this form of use in that the VPS ports can be blocked by firewalls.

Ley-VN commented 10 months ago

Exactly, I'm not in China. So it can be used normally. Can you give me an example of client configuration, when I run it I get an EOF upstream error. Normal use no problem. It has a wise influence

Ley-VN commented 10 months ago

Also, configure vless tcp http server and client. I want this configuration for gaming, lower ping use with ws. Should I use vless tcp http configuration?

Ley-VN commented 10 months ago

Does configuring DNS usage like tun configuration to add DNS to block ads work?

chika0801 commented 10 months ago

> Exactly, I'm not in China. So it can be used normally. Can you give me an example of client configuration, when I run it I get an EOF upstream error. Normal use no problem. It has a wise influence

The client GUI program, how to fill it out, a few key points are

Address: IP of VPS
Port:
UUID:
Type: ws (plus fill in the path for ws)

TLS category, pay attention to the SNI (i.e., the domain name contained in the SSL certificate you loaded on the server side)

If you fill in the domain name as the address (a domain name you have pointed to the IP of your VPS), the SNI does not need to be filled in here; if it is not filled in, the domain name will be used as the default SNI.

chika0801 commented 10 months ago

> Does configuring DNS usage like tun configuration to add DNS to block ads work?

Regarding removing ads, the geosite file I am using is https://github.com/Loyalsoldier/v2ray-rules-dat, which has a collection of domains for domain ads.

The corresponding format file used in sing-box can be downloaded here: https://github.com/soffchen/sing-geosite/releases/latest/download/geosite.db

You can use the routing rules in the config file to block the ads.

            {
                "geosite": [
                    "category-ads-all"
                ],
                "outbound": "block"
            },

chika0801 commented 10 months ago

> Also, configure vless tcp http server and client. I want this configuration for gaming, lower ping use with ws. Should I use vless tcp http configuration?

Using a combination of protocol types for TCP transport, I recommend that you use e.g. VLESS+gRPC+TLS

or a combination of protocol types for UDP transport, such as TUIC Hysteria 1 or 2.

chika0801 commented 10 months ago

If you still need to ask questions, just go ahead and reply.

Ley-VN commented 10 months ago

[Screenshots: Screenshot_2023-09-03-13-43-57-567_io nekohasekai sfa, Screenshot_2023-09-03-13-43-52-049_io nekohasekai sfa]

And here is my configuration

{
    "log": {
        "level": "trace",
        "timestamp": true
    },
    "dns": {
        "servers": [
            {
                "tag": "dns_Vip",
                "address": "1.1.1.1",
                "address_resolver": "dns_direct",
                "strategy": "ipv4_only",
                "detour": "Vip"
            },
            {
                "tag": "dns_direct",
                "address": "8.8.8.8",
                "strategy": "ipv4_only",
                "detour": "direct"
            },
            {
                "tag": "block",
                "address": "rcode://success"
            }
        ],
        "rules": [
            {
                "geosite": "category-ads-all",
                "server": "block",
                "disable_cache": true
            },
            {
                "outbound": "any",
                "server": "local"
            }
        ],
        "strategy": "ipv4_only"
    },
    "inbounds": [
        {
            "type": "tun",
            "tag": "tun-in",
            "mtu": 1400,
            "inet4_address": "172.19.0.1/30",
            "auto_route": true,
            "strict_route": true,
            "stack": "gvisor",
            "sniff": true
        }
    ],
    "outbounds": [
        {
            "type": "selector",
            "tag": "Vip",
            "outbounds": [
                "LeyVN",
                "LeySG"
            ]
        },
        {
            "type": "vless",
            "tag": "LeySG",
            "server": "",
            "server_port": 80,
            "uuid": "",
            "transport": {
                "type": "ws",
                "path": "/Ley",
                "headers": {
                    "Host": "dl.kgvn.garenanow.com"
                },
                "max_early_data": 2048,
                "early_data_header_name": "Sec-WebSocket-Protocol"
            },
            "packet_encoding": ""
        },
        {
            "type": "vless",
            "tag": "LeyVN",
            "server": "",
            "server_port": 80,
            "uuid": "",
            "transport": {
                "type": "ws",
                "path": "/Ley",
                "headers": {
                    "Host": "dl.kgvn.garenanow.com"
                },
                "max_early_data": 2048,
                "early_data_header_name": "Sec-WebSocket-Protocol"
            },
            "packet_encoding": ""
        },
        {
            "type": "direct",
            "tag": "direct"
        },
        {
            "type": "block",
            "tag": "block"
        },
        {
            "type": "dns",
            "tag": "dns-out"
        }
    ],
    "route": {
        "geoip": {
            "download_url": "https://github.com/soffchen/sing-geoip/releases/latest/download/geoip.db"
        },
        "geosite": {
            "download_url": "https://github.com/soffchen/sing-geosite/releases/latest/download/geosite.db"
        },
        "rules": [
            {
                "protocol": "dns",
                "outbound": "dns-out"
            },
            {
                "protocol": "quic",
                "outbound": "block"
            },
            {
                "geosite": "category-ads-all",
                "outbound": "block"
            }
        ],
        "auto_detect_interface": true
    },
    "experimental": {
        "clash_api": {
            "cache_file": "../cache/clash.db",
            "external_controller": "127.0.0.1:9090",
            "external_ui": "../files/yacd"
        }
    }
}

chika0801 commented 10 months ago

Please just tell me what questions you want to ask me now.

Ley-VN commented 10 months ago

All issues have been completed. I need instructions on creating ssl to use 443 tuic.

chika0801 commented 10 months ago

TUIC configuration, if you create it with sing-box platform, just refer to the configuration example here.

If you use TUIC's own program, https://github.com/chika0801/tuic-install also has a quick installation guide here.

Ley-VN commented 10 months ago

There are no instructions for installing SSL using 443

chika0801 commented 10 months ago

If you are asking how to apply for a free SSL certificate, you can go searching to solve it.

chika0801 commented 10 months ago

You prepare the SSL certificate without pointing your domain name to the IP address of your VPS. After uploading the SSL certificate to your VPS, set the certificate's directory location correctly in the configuration.

In the client configuration, fill in the IP address of your VPS for the address, and for the one parameter SNI, fill in the domain name you used for the SSL certificate application. This usage can realize 1 SSL certificate that you upload to multiple VPS and use together.

I suspect you may be asking about this.

Ley-VN commented 10 months ago

This is what I needed, thank you

Ley-VN commented 10 months ago

{
    "log": {
        "disabled": true
    },
    "dns": {
        "servers": [
            {
                "tag": "dns_Ley",
                "address": "103.199.16.240",
                "address_resolver": "dns_direct",
                "strategy": "ipv4_only",
                "detour": "Ley"
            },
            {
                "tag": "dns_direct",
                "address": "local",
                "strategy": "ipv4_only",
                "detour": "direct"
            }
        ],
        "rules": [
            {
                "outbound": "any",
                "server": "dns_direct"
            }
        ],
        "strategy": "ipv4_only"
    },
    "inbounds": [
        {
            "type": "tun",
            "tag": "tun-in",
            "mtu": 1400,
            "inet4_address": "172.19.0.1/30",
            "auto_route": true,
            "strict_route": true,
            "stack": "gvisor",
            "sniff": true
        }
    ],
    "outbounds": [
        {
            "type": "selector",
            "tag": "Ley",
            "outbounds": [
                "LeyVN",
                "LeySG"
            ],
            "default": "LeyVN"
        },
        {
            "type": "vless",
            "tag": "LeySG",
            "server": "...",
            "server_port": 80,
            "uuid": "...",
            "flow": "",
            "transport": {
                "type": "http",
                "path": "/Ley.VN",
                "method": "GET",
                "headers": {
                    "Host": "dl.kgvn.garenanow.com"
                },
                "idle_timeout": "15s",
                "ping_timeout": "15s"
            },
            "packet_encoding": ""
        },
        {
            "type": "vless",
            "tag": "LeyVN",
            "server": "....",
            "server_port": 80,
            "uuid": "....",
            "flow": "",
            "transport": {
                "type": "http",
                "path": "/Ley.VN",
                "method": "GET",
                "headers": {
                    "Host": "dl.kgvn.garenanow.com"
                },
                "idle_timeout": "15s",
                "ping_timeout": "15s"
            },
            "packet_encoding": ""
        },
        {
            "type": "direct",
            "tag": "direct"
        },
        {
            "type": "dns",
            "tag": "dns-out"
        }
    ],
    "route": {
        "rules": [
            {
                "protocol": "dns",
                "outbound": "dns-out"
            }
        ],
        "auto_detect_interface": true
    },
    "experimental": {
        "clash_api": {
            "cache_file": "../cache/clash.db",
            "external_controller": "127.0.0.1:9090",
            "external_ui": "../files/yacd"
        }
    }
}

This is the current configuration. I want a different vless configuration, for example: Vless configuration. "tag": "Leytest". Located in selector. But use another DNS, for example 1.1.1.1. As for the other two configurations, use 8.8.8.8. Is it configurable? If so, can you share how to configure it?

chika0801 commented 10 months ago

I read this configuration of yours and, combined with what you said, I understand part of what you were thinking. I do not use the "type": "selector" function in outbound.

So I'm not sure about your DNS rules in

        {
            "tag": "dns_Ley",
            "address": "103.199.16.240",
            "address_resolver": "dns_direct",
            "strategy": "ipv4_only",
            "detour": "Ley"
        },

Here, for the outbound, you are using "detour": "Ley". Does it follow the change in the outlet you choose?

This question is a bit more complicated, I suggest you to ask in sing-box's TG group or go to its github. I can't help you with that. Maybe you should verify it by your own experimentation, the log level suggests you to use track or debu

chika0801 commented 10 months ago

I'm not sure about your network environment, I think this configuration you posted, if it's used as a client (e.g. on a windows platform), you're complicating something simple by considering so many DNS resolution issues.