genma
May 2, 2016, 6:20pm
1
Tor is installed and I’ve a .onion adress.
Actually, if i go on https://azerty.onion , I’ve a Nginx page. I need to go on https://azerty.onion/myapps/ to have my apps page.
I want to have my apps on https://azerty.onion
My apps is already a default page for another domain name (foo.org )
Other problem https://azerty.onion/yunohost is ok. Ok can I prohibit this adress.
https://azerty.onion has a selfsigned certificate, auto generated. In this certificate, there’s the foo.org mention adress. So the true adress is leaked. How can I correct this?
2 Likes
Hey, I was going to write a post with exactly the same problems.
Did you find any solution for any of them?
A certificate does not make much sense when using onion services, I would like to remove the certificate for the onion domain but don’t know how.
Yes. That does not solve the problem.
I go to http://maronion.azerty.onion/installedapp and it automatically changes to https://maronion.azerty.onion/installedapp with the warning about the certificate.
It should stay with http, https does not make much sense for onion connections.
Normally https does not add any value to an onion connection, only confusing warnings to average users.
I think yunohost should not do https on .onion domains, only in a very complex onion setup a certificate could make some sense.
How can I configure it so that it stays on http when connecting to my .onion domain?
Here is what we do in most of our scripts:
It means we redirect our apps to make sure it will use https.
I assume you have to find your nginx configuration file for your app, and inverse this test.
Here is the helper we use to install a nginx file:
#
# usage: ynh_add_nginx_config
#
# This will use a template in ../conf/nginx.conf
# __PATH__ by $path_url
# __DOMAIN__ by $domain
# __PORT__ by $port
# __NAME__ by $app
# __FINALPATH__ by $final_path
#
ynh_add_nginx_config () {
finalnginxconf="/etc/nginx/conf.d/$domain.d/$app.conf"
ynh_backup_if_checksum_is_different "$finalnginxconf"
sudo cp ../conf/nginx.conf "$finalnginxconf"
# To avoid a break by set -u, use a void substitution ${var:-}. If the variable is not set, it's simply set with an empty variable.
# Substitute in a nginx config file only if the variable is not empty
if test -n "${path_url:-}"; then
# path_url_slash_less is path_url, or a blank value if path_url is only '/'
local path_url_slash_less=${path_url%/}
ynh_replace_string "__PATH__/" "$path_url_slash_less/" "$finalnginxconf"
You should be able to guess where is the file
enjoy
peer
August 30, 2018, 7:56am
6
Hey libecfed!
Your trick on the subdomain works! I mean it does solve the issue of seeing unwanted data in the certificate.
I have not tried your suggestions to avoid redirection.