diff options
author | kali kaneko (leap communications) <kali@leap.se> | 2021-05-17 12:53:24 +0200 |
---|---|---|
committer | kali kaneko (leap communications) <kali@leap.se> | 2021-05-17 17:52:46 +0200 |
commit | 083f4095319b734f33f3e28a9f3234ff9cf6a7d7 (patch) | |
tree | d6e81c51862f1a7157d8e1de719e214df579104d /docs | |
parent | 1d0bdcd6d82b1edcb56268198b242a5814a04fd9 (diff) |
[feat] reuse certificate if found in config folder
Diffstat (limited to 'docs')
-rw-r--r-- | docs/circumvention.rst | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/docs/circumvention.rst b/docs/circumvention.rst new file mode 100644 index 0000000..8c220cc --- /dev/null +++ b/docs/circumvention.rst @@ -0,0 +1,25 @@ +Censorship Circumvention +================================================================================ + +This document contains some advice for using BitmaskVPN for censorship +circumvention. + +Bootstrapping the connection +----------------------------- + +There are two different steps where circumvention can be used: boostrapping the +connection (getting a certificate and the configuration files) and using an +obfuscated transport protocol. At the moment RiseupVPN offers obfs4 transport +"bridges" (you can try them with the `--obfs4` command line argument). For the +initial bootstrap, there are a couple of techniques that will be attempted. + +Getting certificates off-band +----------------------------- + +As a last resort, you can place a valid certificate in the config folder (name +it after the provider domain). You might have downloaded this cert with Tor, +using a socks proxy etc... + + ~/.config/leap/riseup.net.pem + +When the certificate expires you will need to download a new one. |