move self-signed cert guide to bottom
This commit is contained in:
parent
e8063c7efd
commit
e0a1220126
90
docs/ipad.md
90
docs/ipad.md
|
@ -45,51 +45,6 @@ can add this to `keybindings.json`:
|
|||
|
||||
4. Test the command by using `cmd+w` to close an active file.
|
||||
|
||||
## Access code-server with a self-signed certificate on an iPad
|
||||
|
||||
If you've installed code-server and are [running it with a self-signed
|
||||
certificate](./guide.md#using-a-self-signed-certificate), you may see multiple
|
||||
security warnings from Safari. To fix this, you'll need to install the
|
||||
self-signed certificate generated by code-server as a profile on your device (you'll also need to do this to
|
||||
enable WebSocket connections).
|
||||
|
||||
### Certificate requirements
|
||||
|
||||
- We're assuming that you're using the self-signed certificate code-server
|
||||
generates for you (if not, make sure that your certificate [abides by the
|
||||
guidelines issued by Apple](https://support.apple.com/en-us/HT210176)).
|
||||
- We've noticed that the certificate has to include `basicConstraints=CA:true`.
|
||||
- Your certificate must have a subject alt name that matches the hostname you'll
|
||||
use to access code-server from the iPad. You can pass this name to code-server
|
||||
so that it generates the certificate correctly using `--cert-host`.
|
||||
|
||||
### Sharing a self-signed certificate with an iPad
|
||||
|
||||
To share a self-signed certificate with an iPad:
|
||||
|
||||
1. Get the location of the certificate code-server generated; code-server prints
|
||||
the certificate's location in its logs:
|
||||
|
||||
```console
|
||||
[2020-10-30T08:55:45.139Z] info - Using generated certificate and key for HTTPS: ~/.local/share/code-server/mymbp_local.crt
|
||||
```
|
||||
|
||||
2. Send the certificate to the iPad, either by emailing it to yourself or using
|
||||
Apple's Airdrop feature.
|
||||
|
||||
3. Open the `*.crt` file so that you're prompted to go into Settings to install.
|
||||
|
||||
4. Go to **Settings** > **General** > **Profile**, and select the profile. Tap **Install**.
|
||||
|
||||
5. Go to **Settings** > **About** > **Certificate Trust Settings** and [enable
|
||||
full trust for your certificate](https://support.apple.com/en-us/HT204477).
|
||||
|
||||
You should be able to access code-server without all of Safari's warnings now.
|
||||
|
||||
**warning**: Your iPad must access code-server via a domain name. It could be local
|
||||
DNS like `mymacbookpro.local`, but it must be a domain name. Otherwise, Safari will
|
||||
not allow WebSockets connections.
|
||||
|
||||
## Access code-server using Servediter
|
||||
|
||||
If you are unable to get the self-signed certificate working, or you do not have a domain
|
||||
|
@ -199,3 +154,48 @@ In the meantime, you can manually define a shortcut as a workaround:
|
|||
```
|
||||
|
||||
_Source: [StackOverflow](https://stackoverflow.com/a/52735954/3015595)_
|
||||
|
||||
## Access code-server with a self-signed certificate on an iPad
|
||||
|
||||
If you've installed code-server and are [running it with a self-signed
|
||||
certificate](./guide.md#using-a-self-signed-certificate), you may see multiple
|
||||
security warnings from Safari. To fix this, you'll need to install the
|
||||
self-signed certificate generated by code-server as a profile on your device (you'll also need to do this to
|
||||
enable WebSocket connections).
|
||||
|
||||
### Certificate requirements
|
||||
|
||||
- We're assuming that you're using the self-signed certificate code-server
|
||||
generates for you (if not, make sure that your certificate [abides by the
|
||||
guidelines issued by Apple](https://support.apple.com/en-us/HT210176)).
|
||||
- We've noticed that the certificate has to include `basicConstraints=CA:true`.
|
||||
- Your certificate must have a subject alt name that matches the hostname you'll
|
||||
use to access code-server from the iPad. You can pass this name to code-server
|
||||
so that it generates the certificate correctly using `--cert-host`.
|
||||
|
||||
### Sharing a self-signed certificate with an iPad
|
||||
|
||||
To share a self-signed certificate with an iPad:
|
||||
|
||||
1. Get the location of the certificate code-server generated; code-server prints
|
||||
the certificate's location in its logs:
|
||||
|
||||
```console
|
||||
[2020-10-30T08:55:45.139Z] info - Using generated certificate and key for HTTPS: ~/.local/share/code-server/mymbp_local.crt
|
||||
```
|
||||
|
||||
2. Send the certificate to the iPad, either by emailing it to yourself or using
|
||||
Apple's Airdrop feature.
|
||||
|
||||
3. Open the `*.crt` file so that you're prompted to go into Settings to install.
|
||||
|
||||
4. Go to **Settings** > **General** > **Profile**, and select the profile. Tap **Install**.
|
||||
|
||||
5. Go to **Settings** > **About** > **Certificate Trust Settings** and [enable
|
||||
full trust for your certificate](https://support.apple.com/en-us/HT204477).
|
||||
|
||||
You should be able to access code-server without all of Safari's warnings now.
|
||||
|
||||
**warning**: Your iPad must access code-server via a domain name. It could be local
|
||||
DNS like `mymacbookpro.local`, but it must be a domain name. Otherwise, Safari will
|
||||
not allow WebSockets connections.
|
Loading…
Reference in New Issue