[教學] Asus merlin V2ray + tls + WS + CDN, 更新let's encrypt已死, 解決方法

原帖: Asus merlin V2ray + tls + WS + CDN
https://www.hkepc.com/forum/view ... p;extra=&page=1

10月26日更新
Asus Merlin Let's encrypt 出現不能renew cert現象, 上網爬文發現始自10月初, 應是let's encrypt停了renewal, 封殺Asus?

咁張cert expired就用唔到tls, v2ray=收皮, 咁點算?

當你原本張CA signed cert到期後, 自己login asus merlin admin GUI
Advance setting > WAN > DDNS
唔用free cert from Let's encrypt, 改用import/persistent auto-generated
generate new cert = yes
additional cert san = "xxx.dyndns.com" //你router個DDNS domain name
click apply
之後reboot router, 等v2ray去apply張新cert

咁仲未用到CDN
login Cloudflare
domain > SSl/TLS
由full (strict) 改返用 full, (Encrypts end-to-end, using a self signed certificate on the server)

如要直連DDNS, 因為張cert係self-signed, 係shadowrocket server要enable Allow Insecure, 咁先連到,
如經CDN, 因為CDN有CA signed cert, 所以唔駛allow insecure