I’ve finally found a VPN client that will allow connecting from an Android phone to a Microsoft Windows Server 2008-2019 environment over the SSTP VPN protocol (VPN over SSL). The best part is that it is free, however not exactly so the app is cracked but fully functional. Because you came here you can have it for free. Please make sure to support my site by clicking on an advertisement if you’ve found this site helpful in any way. If you have only a single public IP to use and are already running something over TCP/443, fear not as I […]
Often when you’re working in heterogeneous environments you will be needing to convert the standard Linux format x509/PEM SSL certificate files to the Windows native PFX/p12 format, or vise-versa. The following OpenSSL commands are able to do just about every type of certificate conversion imaginable. Tip .pem, .cer, crt. are all the same type of x509/pem certificate only with different extensions. full certificate chain = public cert + intermediate cert + root cert contained in a single file OpenSSL Convert X509/PEM Convert PEM & Private Key to PFX/P12: openssl pkcs12 -export -out certificate.pfx -inkey privatekey.pem -in certificate.pem -certfile CACert.pem Convert fullchain PEM & Private Key (Let’s […]
Chances are this is not the first website you’ve come to after breaking SSL on your Nginx box, but I promise it will be the last. The problem is actually a very simple one, and the Nginx error log tells you verbatim what is wrong with the config, although nginx -t will yield success. Nginx reads and runs the sites in alphabetical order, therefore this issue can be fixed by finding and fixing the site config which is listening on port 443 and using ssl without any ssl certificate declarations which is causing your site further down the alphabetical line to fail HTTPS. In my case it was a Nginx site config called stub_status.conf causing SSL to fail in sysinfo.io.conf even though I did have SSL correctly setup.
In this video I show you how to enable Tor on Android with Orbot and prove that the Google Chrome browser is using a real Tor IP address instead of my public IP.
With Edward Snowden’s shocking revelations that the NSA has for years been working to crack and subvert VPN encryption technologies, together with the fact that it is becoming increasingly obvious that most such technologies have been developed and certified by the US government’s National Institute of Standards and Technology (NIST), may therefore be considered suspect.
If you are deploying SSTP VPN for Windows clients and get the error: “The revocation function was unable to check revocation because the revocation server was offline.”, you are most likely using your own internal PKI and the certificate used for SSTP does not have a Certificate Revocation List (CRL) accessible from the outside, so the client machine is failing checking whether or not the certificate has been revoked from the CA. If you simply want to bypass this, you can edit the registry on the client: