Your Privacy Gateway contains step-by-step instructions for the services it provides, and mirrors of all necessary client software. The Gateway can be accessed over SSL or via a Tor Hidden Service.


SSL Certificate Installation

You should install the Gateway's SSL certificate so your browser can automatically verify the integrity of the connection. This prevents anyone from tampering with your traffic and also protects your login credentials. The certificate has been embedded directly into this HTML file, and you can download it here:

Download Certificate

Windows

These instructions work for Chrome and Internet Explorer. Firefox uses its own internal Certificate Manager, but it's easy to configure too.

  1. Download the SSL certificate embedded in this document.
  2. Double-click to open the downloaded certificate.
  3. Click Install Certificate...
  4. The Certificate Import Wizard will start. Click Next.
  5. Select Place all certificates in the following store and click Browse.
  6. Select Trusted Root Certification Authorities and click OK.
  7. Click Next and then click Finish.
  8. Confirm that you would like to install the certificate by choosing Yes.
  9. Close and re-open your browser.
  10. You are ready to connect. See Connecting to your Privacy Gateway.

OS X

These instructions work for Chrome and Safari. Firefox uses its own internal Certificate Manager, but it's easy to configure too.

  1. Go to Applications > Utilities and launch Keychain Access.
  2. Download the SSL certificate embedded in this document.
  3. Drag the downloaded certificate into the login keychain section.
  4. A window will appear asking if you want to trust the certificate. Click Always Trust.
  5. Enter your password when you are prompted to do so, and click Update Settings.
  6. Right-click on the imported certificate and select Get Info.
  7. Click the arrow next to Trust and more options will appear.
  8. Choose Always Trust next to the Secure Sockets Layer (SSL) option.
  9. Close the certificate window and enter your password again.
  10. You are ready to connect. See Connecting to your Privacy Gateway.

Android

These instructions work for Chrome. Firefox for Android uses its own internal Certificate Manager but does not provide an interface for importing certificates yet. Chrome is therefore the recommended way to connect to the Privacy Gateway.

Less secure, but easy

  1. Download the SSL certificate embedded in this document.
  2. Email the downloaded certificate to an account that can be accessed from the Android device.
  3. Open the email and tap the attachment.
  4. A popup will appear. Enter ip-172-31-8-35 for the Certificate name, and make sure VPN and apps is selected for the Credential use value.
  5. Tap OK.
  6. You are ready to connect. See Connecting to your Privacy Gateway.

More secure

  1. Connect the Android device to your computer.
  2. Download the SSL certificate embedded in this document.
  3. Drag the downloaded certificate to the root of the Android device's filesystem.
  4. Launch the Settings application.
  5. Scroll to the Personal section and tap Security.
  6. Scroll to the Credential Storage section and tap Install from storage.
  7. Select the certificate that you copied to your phone.
  8. Enter ip-172-31-8-35 for the Certificate name, and make sure VPN and apps is selected for the Credential use value.
  9. Tap OK.
  10. You are ready to connect. See Connecting to your Privacy Gateway.

iOS

Less secure, but easy

  1. Download the SSL certificate embedded in this document.
  2. Email the downloaded certificate to an account that can be accessed from the iOS device.
  3. Open the email, and tap the attachment.
  4. The Install Profile screen will appear. You can view the certificate details and make sure they match the information from the SSL Verification section. Tap Install.
  5. Tap Install again when the warning appears.
  6. Tap Done.
  7. You are ready to connect. See Connecting to your Privacy Gateway.

More secure

  1. Connect the iOS device to your OS X computer.
  2. Tap Trust if the Trust This Computer? popup appears.
  3. Install the Apple Configurator utility from the Mac App Store.
  4. Launch the Apple Configurator utility and agree to the license.
  5. Click Start Preparing Devices.
  6. Click Install Profiles....
  7. Turn the phone on and unlock it.
  8. Click Next.
  9. Click New... and enter ip-172-31-8-35 in the Name field of the General section.
  10. Scroll down to the Certificates section.
  11. Download the SSL certificate embedded in this document.
  12. Click Configure, select the downloaded certificate, and click Open.
  13. Click Save.
  14. Check the checkbox next to the ip-172-31-8-35 profile you just created. Click Next.
  15. The Install Profile screen will appear on your iOS device. Tap Install.
  16. Tap Install again when the warning appears.
  17. Tap Done.
  18. You are ready to connect. See Connecting to your Privacy Gateway.

Chromium

  1. Click the Menu button and go to Settings.
  2. Scroll to the bottom of the window and click Show advanced settings...
  3. Scroll to the HTTPS/SSL section and click Manage certificates...
  4. Go the Authorities tab.
  5. Download the SSL certificate embedded in this document.
  6. Click Import..., select the downloaded certificate, and click Open.
  7. A popup will appear. Check the box next to Trust this certificate for identifying websites and click OK.
  8. Click Done.
  9. You are ready to connect. See Connecting to your Privacy Gateway.

Firefox

  1. Launch Firefox.
  2. Open the Options > Preferences panel.
  3. Click on the Advanced icon.
  4. Go to the Certificates tab.
  5. Click View Certificates.
  6. A window will appear. Click on the Authorities tab.
  7. Download the SSL certificate embedded in this document.
  8. Click Import..., select the downloaded certificate, and click Open.
  9. A popup will appear. Check the box next to Trust this CA to identify websites and click OK.
  10. Click OK to close the certificate manager, and then close the Preferences panel.
  11. You are ready to connect. See Connecting to your Privacy Gateway.

Manual SSL Verification

The manual certificate verification option is significantly less secure than installing the certificate using one of the methods above. Your browser will display a warning message, and you are more vulnerable to man-in-the-middle attacks because the fingerprints must be verified on every connection attempt. It should be used with great care, and only as a last resort.

The certificate details should match the following information:

Serial Number

serial=F8ED95A04A42029C

Fingerprints
SHA256 Fingerprint=30:64:5D:D5:FF:0A:20:46:C5:15:2B:71:C5:11:C0:E8:21:54:5B:F4:88:3B:9D:90:16:BF:F7:32:9D:06:67:3C
SHA1 Fingerprint=EA:7E:FC:58:92:C4:9A:2A:7F:72:B5:85:C8:4E:DB:04:DA:89:A5:C9
MD5 Fingerprint=58:F7:17:F0:4A:36:5F:90:2F:71:D9:DD:C7:7D:8A:2E

If everything checks out, you are ready to connect. See Connecting to your Privacy Gateway.

Connecting to your Privacy Gateway

Each connection option takes you to the same place and you can use whichever one is most convenient for you. Fun fact: Your Gateway's unique password was generated by randomly choosing four words from a dictionary with more than 283,000 entries.

SSL

https://gateway.cryp7.com

username: cryp7
password: catastrophist-cerebella-suffetes-nonindustrial

Tor Hidden Service

All connections to Tor hidden services are fully encrypted.

http://azbt3cjmhnv57is3.onion

username: cryp7
password: catastrophist-cerebella-suffetes-nonindustrial