[tor-bugs] #18655 [Obfuscation/meek]: Make meek-server easy to use with Let's Encrypt
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jun 2 04:31:07 UTC 2016
#18655: Make meek-server easy to use with Let's Encrypt
------------------------------+---------------------
Reporter: dcf | Owner: dcf
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Obfuscation/meek | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
------------------------------+---------------------
Comment (by gtank):
Here's my branch using Russ Cox's LE client library. It's a new
dependency, but only about 50 lines of code in meek-server itself:
http://github.com/gtank/meek/tree/letsencrypt
The example torrc works fine on a Debian machine and starts bridging
without noticeable delay on first fetch. The biggest caveats I can think
of are
1) It manages the keys and certificates in a cache file on disk. There are
good reasons for this (https://godoc.org/rsc.io/letsencrypt#hdr-
Persistent_Storage) but it isn't strictly necessary.
2) If meek-server isn't listening on 443, this starts a new listener there
since Let's Encrypt doesn't give you another option.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18655#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list