arno/privatebin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add HTTPS guide

rugk 2016-08-25 17:03:27 +02:00
parent 0169bb8eb7
commit e634efd2c7
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
FAQ.md

@ -71,10 +71,17 @@ You can also look at the release notes of PrivateBin to see what else changed.
At first, this is not a question. Secondly we acknowledge that and are well aware that JavaScript cannot provide the same level of security as other methods do, because you still need to trust the server administrator not to deliver manipulated scripts. That is why we explicitly mention this conceptual issue [in our Readme](https://github.com/PrivateBin/PrivateBin#what-it-doesnt-provide).
However people have different security requirements and sometimes a fast way to send someone an encrypted message is needed. If you want to be secure against any attacks, we strongly recommend you to **host your own PrivateBin instance** and use transport encryption (HTTPS and more) to prevent any modification of the data sent and received by PrivateBin.
However people have different security requirements and sometimes a fast way to send someone an encrypted message is needed. If you want to be secure against any attacks, we strongly recommend you to **host your own PrivateBin instance** and use transport encryption (HTTPS) to prevent any modification of the data sent and received by PrivateBin.
## Technical
### How should I setup HTTPS?
There are many guides and test tools, which may help you how to setup HTTPS. Here are some recommendations:
* There is no need to buy a SSL certificate. You can get one for free from [Let's Encrypt](https://letsencrypt.org/) or [StartCom](https://startssl.com/).
* Use [Mozilla's config generator](https://mozilla.github.io/server-side-tls/ssl-config-generator/) to create a strong configuration. (we recommend the "Modern" configuration)
* Test your server configuration with [SSLLabs](https://www.ssllabs.com/ssltest/).
### How to fix "There is no suitable CSPRNG installed on your system"?
This error means you do not have a cryptographically secure random number generator available on your system. This is a [requirement](https://github.com/PrivateBin/PrivateBin/wiki/Installation#requirements) of PrivateBin for security reasons.