Downloads | inDev. Journal
sharing is caring
strongSwan root CA
Self-signed certificate for site-to-site strongSwan (road warrior) services. Private use only!
New updates for the root Certificate Authority (CA), I’ve re-signed all the server keys with a single CA key.
So, just one copy of the root CA cert needs to be installed on the client side (your devices):
https://cdn.frankindev.com/i.j.ic/strongSwan.pem
Choose one of the server addresses below, random server will be chosen for regions that are served with multiple servers.
| server address | region(s) | updated |
|---|---|---|
| a3IuaWtldjIuZnJhbmtpbmRldi5jb20= | Seoul, KR | 2 months and 2 weeks ago |
| dXMuaWtldjIuZnJhbmtpbmRldi5jb20= | Ashburn, US | 2 months and 2 weeks ago |
| b3Blbi5mcmFua2luZGV2LmNvbQ== | Seoul, KR | 2 months and 2 weeks ago |
👉 Follow the step-by-step configuration instructions here.
👉 macOS, iOS, and Windows 10 have native support for IKEv2.
🥳 Starting from Android 12, IKEv2 is natively supported, but I’m not able to pick the right encryption ciphers at present
. You can alternatively use the
open.frankindev.comwith Cisco AnyConnect…
Encrypted DNS configuration file
On iOS 14+ or macOS Big Sur devices, you can download and install a special .mobileconfig file that adds DNS-over-HTTPS or DNS-over-TLS servers to encrypt your DNS requests.
Here’s my configuration file for my hosted DNS-over-HTTPs: doh.mobileconfig, proxied by Fly.io.