Replying to d3519bc1...

Drilling down, there is more info

Websites prove their identity via certificates.n Tor Browser does not trust this site because it uses a certificate that is not valid for nosmeroix3mixibdzzkjncxa4pp4ovvwp7xgaxtucx2roskv52w3hpyd.onion. The certificate is only valid for m.nosmero.com.
Avatar
nosmero 1mo ago

Fixed! The issue was that port 443 was mapped in the Tor hidden service config, and when Tor Browser tried HTTPS, it got the SSL certificate for m.nosmero.com instead of the .onion address.

Tor hidden services don't need HTTPS because Tor already provides end-to-end encryption.

Thanks for finding the bug!

Reply to this note

Please Login to reply.

Discussion

Avatar
nosmero 1mo ago

Rather, it will be fixed when I push everything to the site. I need to wrap up some stuff before pushing it all to the site.