Skip to content

Commit fa89671

Browse files
asherotoasheroto
authored
Update README (fatedier#2221)
* Updated README.md - Fixed spelling of PayPal - Added information to TLS section, fixed spelling
1 parent 3621aad commit fa89671

File tree

1 file changed

+28
-6
lines changed

1 file changed

+28
-6
lines changed

README.md

Lines changed: 28 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,4 @@
1+
12
# frp
23

34
[![Build Status](https://circleci.com/gh/fatedier/frp.svg?style=shield)](https://circleci.com/gh/fatedier/frp)
@@ -67,7 +68,7 @@ frp also has a P2P connect mode.
6768
* [Donation](#donation)
6869
* [AliPay](#alipay)
6970
* [Wechat Pay](#wechat-pay)
70-
* [Paypal](#paypal)
71+
* [PayPal](#paypal)
7172

7273
<!-- vim-markdown-toc -->
7374

@@ -515,11 +516,32 @@ use_compression = true
515516

516517
frp supports the TLS protocol between `frpc` and `frps` since v0.25.0.
517518

518-
Config `tls_enable = true` in the `[common]` section to `frpc.ini` to enable this feature.
519-
520519
For port multiplexing, frp sends a first byte `0x17` to dial a TLS connection.
521520

522-
To enforce `frps` to only accept TLS connections - configure `tls_only = true` in the `[common]` section in `frps.ini`.
521+
Configure `tls_enable = true` in the `[common]` section to `frpc.ini` to enable this feature.
522+
523+
To **enforce** `frps` to only accept TLS connections - configure `tls_only = true` in the `[common]` section in `frps.ini`. **This is optional.**
524+
525+
**`frpc` TLS settings (under the `[common]` section):**
526+
```ini
527+
tls_enable = true
528+
tls_cert_file = certificate.crt
529+
tls_key_file = certificate.key
530+
tls_trusted_ca_file = ca.crt
531+
```
532+
533+
**`frps` TLS settings (under the `[common]` section):**
534+
```ini
535+
tls_only = true
536+
tls_enable = true
537+
tls_cert_file = certificate.crt
538+
tls_key_file = certificate.key
539+
tls_trusted_ca_file = ca.crt
540+
```
541+
542+
You will need **a root CA cert** and **at least one SSL/TLS certificate**. It **can** be self-signed or regular (such as Let's Encrypt or another SSL/TLS certificate provider).
543+
544+
If you using `frp` via IP address and not hostname, make sure to set the appropriate IP address in the Subject Alternative Name (SAN) area when generating SSL/TLS Certificates.
523545

524546
### Hot-Reloading frpc configuration
525547

@@ -967,6 +989,6 @@ frp QQ group: 606194980
967989

968990
![donation-wechatpay](/doc/pic/donate-wechatpay.png)
969991

970-
### Paypal
992+
### PayPal
971993

972-
Donate money by [paypal](https://www.paypal.me/fatedier) to my account **fatedier@gmail.com**.
994+
Donate money by [PayPal](https://www.paypal.me/fatedier) to my account **fatedier@gmail.com**.

0 commit comments

Comments
 (0)