2017年8月19日 星期六

Build your service using Pritunl and Lets Encrypt

Pritunl is an open source enterprise VPN platform which is used to easily build free VPN service.
It is built on the top of TLS/SSL protocol and is not easily banned by some countries. :)
However, by the default settings of its tutorial, the generated TLS certificate for Pritunl is not recognized by browsers because its certificate is not authorized by third-party CA.

To mitigate the effect, Let's Encrypt, the well-known CA, is considered as the best choice for end-users.

This post briefs how to setup Let's Encrypt's SSL certificate and setup Pritunl on Ubuntu 14.04. You can follow the following easy steps to build your own VPN service.

  1. Go to Let's Encrypt and apply for a certificate by the certbot script.
  2. If you are using apache, nginx or Plesk, please stop and remove it first. Otherwise, the later Pritunl will have a conflict on port 80. 
  3. Follow the post of Vultr to setup Pritunl.
  4. Congratulations! You have your own VPN service.  


Trouble Shotting
If your Pritunl service cannot normally start, please check Pritunl's log in /var/log/pritunl.log. If the log displays the message like "127.0.0.1:27001 connection refused", please check MongoDB's log messages in /var/log/mongodb/mongod.log. You may find the following texts in the log file:
ERROR: Insufficient free space for journal files
Please make at least 3379MB available in /var/lib/mongo/journal or use --smallfiles

It seems that the disk space is not enough for running MongoDB and it will impact the service of Pritunl. To solve this issue, please add the following configuration in the configuration file (it is generally put in /etc/mongod.conf) of MongoDB.
  mmapv1:
    smallFiles: true

Then, restart MongoDB service by the command: service mongod restart

Finally, you may normally activate the Pritunl service.

沒有留言:

張貼留言