trojan-go icon indicating copy to clipboard operation
trojan-go copied to clipboard

Published 20 hours ago verified publisher icon p4gefau1t

[BUG] sni问题

Open MichaelPan1026 opened this issue 3 years ago • 7 comments

  • [x] 我确定我已经尝试多次复现此次问题,并且将会提供涉及此问题的系统和网络环境,软件及其版本。

我们建议您按照下方模板填写 Bug Report,以便我们收集更多的有效信息

简单描述这个 Bug

服务端报错 sni mismatched,该sni是域名绑定的dns记录

服务端和客户端日志

[ERROR] 2022/02/02 07:27:03 github.com/p4gefau1t/trojan-go/tunnel/tls.(*Server).acceptLoop.func1:server.go:140 tls handshake failed | EOF [INFO] 2022/02/02 07:27:03 tcp connection from [ERROR] 2022/02/02 07:27:03 github.com/p4gefau1t/trojan-go/tunnel/tls.(*Server).acceptLoop.func1:server.go:140 tls handshake failed | sni mismatched: xxx.xxx.xxxx.xxxx, expected: xxxxx.xxx

MichaelPan1026 avatar Feb 01 '22 23:02 MichaelPan1026

请问,问题解决了吗? 我也同样出现了这个问题,是更换域名后就这样了,然后重置服务器也没有用.

sxiao1619 avatar May 16 '22 08:05 sxiao1619

同样的问题

Bunuly avatar Jun 09 '22 11:06 Bunuly

sni mismatched 同样的问题, 但是在shaodowrocks就没问题

selectarget avatar Jul 17 '22 21:07 selectarget

same problem with self-signed ssl .

alirezaimi avatar Dec 29 '22 05:12 alirezaimi

same here...

mhasgari avatar Jan 07 '23 14:01 mhasgari

Per https://github.com/p4gefau1t/trojan-go/blob/824b599a7ee9075765ba699063c498549d7800b1/tunnel/tls/config.go#L20

You can disable this option if you don't have a certificate signed with a desired CN.

Rik-F5 avatar Apr 26 '23 02:04 Rik-F5

vi /etc/trojan-go/config.json check path :

"websocket": { "enabled": true, "path": "/index.html", "host": "host.com" },

idyes avatar Feb 18 '24 09:02 idyes