How to use "hysteria" without domain name: Self-Signed certificates and configurations #1052
LazarenkoA
started this conversation in
General
Replies: 2 comments
-
Yes and yes |
Beta Was this translation helpful? Give feedback.
0 replies
-
You can even self-sign certificates for an IP address. For example, assuming your server's IP address is #!/bin/bash
ip="192.0.2.123"
openssl genrsa -out hysteria.ca.key 2048
openssl req -new -x509 -days 3650 -key hysteria.ca.key -subj "/CN=Hysteria Root CA" -out hysteria.ca.crt
openssl req -newkey rsa:2048 -nodes -keyout hysteria.server.key -subj "/CN=$ip" -out hysteria.server.csr
openssl x509 -req -extfile <(printf "subjectAltName=IP:$ip") -days 3650 -in hysteria.server.csr -CA hysteria.ca.crt -CAkey hysteria.ca.key -CAcreateserial -out hysteria.server.crt |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Can I use "hysteria" without specifying the "acme" parameter in the config? I simply don't have a domain name, just a public IP address. If the only solution is to generate my own certificates and use the 'tls' parameter, then another question: can I use self-signed certificates?
Beta Was this translation helpful? Give feedback.
All reactions