I’m attempting to install BoringProxy on a small (BuyVM - 2core/2gb/20gb) KVM VPS.
rpm --eval ‘%{_arch}’
x86_64
I’ve tried it with the latest Ubuntu and the latest Rocky Linux. On both, I’ve installed from both executable as well as compiled it myself on the VPS in Go. In all cases, the result is the same.
On initial startup, Boringproxy gives the following errors:
./boringproxy-linux-x86_64 server
2023/12/10 08:21:53 Starting up
2023/12/10 08:21:53 failed reading boringproxy_db.jsonNo admin domain set. Select an option below:
Enter ‘1’ to input manually
Enter ‘2’ to configure through TakingNames.io
1Enter admin domain:
*****.net
Your sites will be served over HTTPS automatically using an automated CA.
By continuing, you agree to the CA’s terms of service.
Please enter your email address to signify agreement and to be notified
in case of issues. You can leave it blank, but we don’t recommend it.
Email address: @.com
2023/12/10 22:00:42 Ready
2023-12-10T22:00:55Z 104.164.173.139 GET ****************.net /
2023-12-10T22:00:56Z 154.28.229.73 GET ****************.net /
2023-12-10T22:01:01Z 65.154.226.168 GET ****************.net /
2023-12-10T22:01:03Z 161.35.27.144 GET **********.net /
2023/12/10 22:01:03 http: TLS handshake error from 161.35.27.144:56208: no certificate available for '...’
2023/12/10 22:01:03 http: TLS handshake error from 161.35.27.144:56818: no certificate available for '...’
2023/12/10 22:01:04 http: TLS handshake error from 161.35.27.144:57204: no certificate available for '...’
2023/12/10 22:01:04 http: TLS handshake error from 161.35.27.144:57800: tls: client requested unsupported application protocols ([http/0.9 http/1.0 spdy/1 spdy/2 spdy/3 h2c hq])
2023/12/10 22:01:04 http: TLS handshake error from 161.35.27.144:58168: tls: client requested unsupported application protocols ([hq h2c spdy/3 spdy/2 spdy/1 http/1.0 http/0.9])
I am not blocked by LetsEncrypt:
curl https://acme-v02.api.letsencrypt.org/directory
{
“gp7vMsgiTGc”: “Adding random entries to the directory - API Announcements - Let's Encrypt Community Support”,
“keyChange”: “https://acme-v02.api.letsencrypt.org/acme/key-change”,
“meta”: {
“caaIdentities”: [
“letsencrypt.org”
],
“termsOfService”: “https://letsencrypt.org/documents/LE-SA-v1.3-September-21-2022.pdf”,
“website”: “https://letsencrypt.org”
},
“newAccount”: “https://acme-v02.api.letsencrypt.org/acme/new-acct”,
“newNonce”: “https://acme-v02.api.letsencrypt.org/acme/new-nonce”,
“newOrder”: “https://acme-v02.api.letsencrypt.org/acme/new-order”,
“renewalInfo”: “https://acme-v02.api.letsencrypt.org/draft-ietf-acme-ari-01/renewalInfo/”,
“revokeCert”: “https://acme-v02.api.letsencrypt.org/acme/revoke-cert”
}
Wildcard domain is correctly set (The one “*.” is real):
.net IN A ... Edit | Delete
www..net IN A ... Edit | Delete
.***************.net IN A ... Edit | Delete
What is happening here and how do I fix it?