Open Masood-Lapeh opened 1 year ago
Hi, @Masood-Lapeh. I hope you masked [sstp]bind
to 127.0.0.1
but in real config you have public IP address here for your cert from LE. Pay attention, that your client should connects to domain.name
not to IP directly, some clients like Windows SSTP client restrict this.
If you really use 127.0.0.1
, how you get certificate verification?
Hi @DmitriyEshenko. I had a similar setup with softether's SSTP working on both Open SSTP Client and Windows native SSTP Client without messing with clients. First I got letsencrypt certificate for my.domain verified on my public IP address and then I used those certificates for what is listening on 127.0.0.1 behind sslh which listens on mypublicip:443 and filters by SNI. traffic with specific SNI goes to 127.0.0.1:4432 which previously sofether was listening on, and now accel-ppp. So isn't a similar thing possible with accel-ppp and maybe there is more strict checkings with it?
What could be the reason behind these
error: : sstp: read: Input/output error
s?I'm trying to run a SSTP server on an Ubuntu VPS behind sslh.
I could do it via Softether. While I don't know much about these stuff and am doing trial and erro, I'm trying out other solutions too. I've got my certificate by certbot. Here's my config: