Removing self-signed certificate on onion adres


Can’t install Let’s Encrypt certificate so I’m stuck with self-signed. However I would like to remove that because it’s useless on a onion address and gives me a annoying warning.

Any idea what I have to remove?


I don’t understand your question ?

If you’re doing HTTPS, you cannot not have a certificate I believe. The only workaround is to use HTTP ?

I think I formulated my question pretty clear.

I don’t have a domain, I only have a onion address and that’s my main host.

Now I get automatically assigned a self-signed certificate which I don’t want because then I get a warning error when I visit the page which I don’t want.

Ofcourse I know I can’t install a LE certificate on a onion address

Well I don’t know much about onion adresses, but I’m guessing that these run on HTTP on HTTPS… So probably what you mean is that you want to get rid of the auto-redirections to HTTPS…

For this, you’ll probably need to comment the rewrite ^ https://foo.tld/... in the nginx configurations. You can find them with :

grep -nr "rewrite ^ https:" /etc/nginx/

But I’m not sure that this’ll be sufficient as there are a few places (like in SSOwat) where there are ~implicit redirections to HTTPS :confused:

I have the same problem. Did you solve it?

As far as I understand, this is an issue for LE since they started.

It appears in discussion I don’t fully undersand that disabling https is a bad idea, including through Tor.

some are working on it, although it seems not to be planned to be implemented soon