Closed yymk158 closed 3 weeks ago
Hello,
You only need to specify the certificate and private key on the server side:
wstunnel server --restrict-http-upgrade-path-prefix "xxxxx" --tls-certificate "/etc/wstunnel/server-cert.pem" --tls-private-key "/etc/wstunnel/server-private-key" ....
That's enough to use your own cert. On the client side there is nothing to do; you can use --tls-verify-certificate if you want to be sure the cert is valid.
Sorry, maybe I made a mistake. I want the server and the client to authenticate to each other using the certificate key, but the connection cannot be established if the verification fails, and only my client can connect to the server. Should I use this command?
wstunnel server --restrict-http-upgrade-path-prefix "xxxxx" --tls-certificate "/etc/wstunnel/server-cert.pem" --tls-private-key "/etc/wstunnel/server-private-key" --tls-client-ca-certs "/etc/wstunnel/client-cert.pem" wss://0.0.0.0:12345
wstunnel client --restrict-http-upgrade-path-prefix "xxxxx" --tls-private-key "d:\wstunnel\client-private-key" --tls-verify-certificate -L socks5://127.0.0.1:1080 https://server-ip:12345/
Hello, if you want to use mutual TLS authentication, you can follow this guide: https://github.com/erebe/wstunnel/blob/main/docs/using_mtls.md It explains how to set up everything.
./wstunnel server --restrict-http-upgrade-path-prefix "xxxx" --tls-certificate "/abc/11cert.pem" --tls-private-key "/abc/11key.pem" --tls-client-ca-certs "/abc/22cert.pem" wss://0.0.0.0:xxx
thread 'main' panicked at src/main
Cannot load tls certificate: No such file or directory (os error 2)
note: run with RUST_BACKTRACE=1 environment variable to display a backtrace
Using this command shows an error that cannot be loaded. The certificate name and path have been confirmed. Don't know why the certificate can't be loaded.
It seems the file does not exist at location /abc/11cert.pem.
Something is wrong?
openssl req -x509 -newkey rsa:4096 -keyout ca.key.pem -out ca.pem -days 3650 -nodes
openssl req -newkey rsa:4096 -keyout server.key.pem -out server.pem -nodes
openssl x509 -req -in server.pem -CA ca.pem -CAkey ca.key.pem -CAcreateserial -out server.crt.pem -days 3650
wstunnel server --tls-certificate "/xxx/server.crt.pem" --tls-private-key "/xxx/server.key.pem" --tls-client-ca-certs "/xx/ca.pem" wss://0.0.0.0:xxx
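A pre-flight check for the two problems raised in the comments above (a certificate path that cannot be opened, and doubt about whether the openssl-generated files fit together), as an added example that is not from the wstunnel project or from any poster in this thread. The function names, exit codes and the `demo` mode are assumptions; only standard `openssl` subcommands are used.

```shell
#!/bin/sh
# Added example (not wstunnel code): pre-flight check of the PEM files.
# Exit codes: 0 ok, 1 missing file, 2 not a certificate, 3 key mismatch, 4 wrong CA.
check_mtls_files() {
    cmf_cert=$1; cmf_key=$2; cmf_ca=$3
    # 1. The "No such file or directory (os error 2)" case: every path must
    #    exist and be readable by the account that starts wstunnel.
    for cmf_f in "$cmf_cert" "$cmf_key" "$cmf_ca"; do
        if [ ! -r "$cmf_f" ]; then
            echo "missing or unreadable: $cmf_f" >&2; return 1
        fi
    done
    # 2. Must parse as X.509. A CSR (server.pem in the commands above) fails here.
    if ! openssl x509 -in "$cmf_cert" -noout 2>/dev/null; then
        echo "not an X.509 certificate: $cmf_cert" >&2; return 2
    fi
    # 3. The private key must belong to the certificate: compare public keys.
    cmf_pub_cert=$(openssl x509 -in "$cmf_cert" -noout -pubkey 2>/dev/null) || cmf_pub_cert=""
    cmf_pub_key=$(openssl pkey -in "$cmf_key" -pubout -passin pass: 2>/dev/null) || cmf_pub_key=""
    if [ -z "$cmf_pub_key" ] || [ "$cmf_pub_cert" != "$cmf_pub_key" ]; then
        echo "private key does not match: $cmf_key" >&2; return 3
    fi
    # 4. The certificate must chain to the CA the other side is told to trust.
    if ! openssl verify -CAfile "$cmf_ca" "$cmf_cert" >/dev/null 2>&1; then
        echo "not signed by CA: $cmf_ca" >&2; return 4
    fi
    echo "ok: $cmf_cert"
}

# Constructed sample input: a throwaway CA and one signed leaf in directory $1
# (2048-bit keys and 1-day validity only to keep the demo fast).
make_demo_pki() {
    openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=demo-ca" -days 1 \
        -keyout "$1/ca.key.pem" -out "$1/ca.pem" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes -subj "/CN=demo-leaf" \
        -keyout "$1/leaf.key.pem" -out "$1/leaf.csr.pem" 2>/dev/null &&
    openssl x509 -req -in "$1/leaf.csr.pem" -CA "$1/ca.pem" -CAkey "$1/ca.key.pem" \
        -CAcreateserial -days 1 -out "$1/leaf.crt.pem" 2>/dev/null
}

# Usage: sh SCRIPT CERT KEY CA   or   sh SCRIPT demo
if [ "${1:-}" = demo ]; then
    demo_dir=$(mktemp -d) && make_demo_pki "$demo_dir" &&
        check_mtls_files "$demo_dir/leaf.crt.pem" "$demo_dir/leaf.key.pem" "$demo_dir/ca.pem"
elif [ "$#" -eq 3 ]; then
    check_mtls_files "$@"
fi
```

Run it once for the server's certificate and key, and once for the client's certificate and key against the CA file passed to `--tls-client-ca-certs`.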
Describe the goal
Hello, I'm an ordinary user, not a programmer, and I can't understand how to use custom tls certificate private-key. Can you elaborate on how to configure the custom TLS certificate private key?
Describe what does not work
Cannot be configured
Describe your wstunnel setup
wstunnel server --restrict-http-upgrade-path-prefix "xxxxx" --tls-certificate "/etc/wstunnel/server-cert.pem" --tls-private-key "/etc/wstunnel/server-private-key" --tls-client-ca-certs "/etc/wstunnel/client-cert.pem" wss://0.0.0.0:12345
wstunnel client --restrict-http-upgrade-path-prefix "xxxxx" --tls-certificate "d:\wstunnel\client-cert.pem" --tls-private-key "d:\wstunnel\client-private-key" --tls-client-ca-certs "d:\wstunnel\server-cert.pem" -L socks5://127.0.0.1:1080 https://server-ip:12345
Desktop (please complete the following information):
ubuntu
windows10