diff --git a/Desktop-installation.md b/Desktop-installation.md index ec1b273..9c3f9a9 100644 --- a/Desktop-installation.md +++ b/Desktop-installation.md @@ -5,8 +5,9 @@ If you want to use Trilium on the desktop, download binary release for your plat There are also some other options to start Trilium: * `trilium-no-cert-check` - Trilium will not validate the certificates, useful e.g. when you're syncing against a sync server with self-signed certificate + * Alternatively you can set `NODE_TLS_REJECT_UNAUTHORIZED=0` environment variable to the Trilium process. * `trilium-portable` - Trilium will try to create [[data directory]] in the trilium's directory * `trilium-safe-mode` - start up in "safe mode" which disables any startup scripts which might e.g. crash the application # Synchronization -If you are using a desktop instance and would like to sync with your server instance: [[Synchronization]] \ No newline at end of file +If you are using a desktop instance and would like to sync with your server instance: [[Synchronization]] diff --git a/TLS-configuration.md b/TLS-configuration.md index c9d5dfe..659d043 100644 --- a/TLS-configuration.md +++ b/TLS-configuration.md @@ -21,4 +21,19 @@ keyPath=/[username]/.acme.sh/[hostname]/example.com.key Above is only example of how this is set up on my environment when I generated the certificate using Let's encrypt acme utility. Your paths may be completely different. (Note that if you are using a Docker installation, these paths should be in a volume or other path understood by the docker container, e.g., /home/node/trilium-data/[DIR IN DATA DIRECTORY].) -After you set this up, you may restart Trilium and now visit the hostname with "https". \ No newline at end of file +After you set this up, you may restart Trilium and now visit the hostname with "https". + +## Self-signed certificate + +If you need to use a self-signed certificate for your server instance, the desktop instance won't trust it. + +Currently the only way to make this work is by disabling certificate validation by setting this environment variable (for Linux): + +``` +export NODE_TLS_REJECT_UNAUTHORIZED=0 +trilium +``` + +Trilium comes with scripts to start Trilium in this mode, e.g. `trilium-no-cert-check.bat` for Windows. + +** Note that disabling TLS certificate validation is insecure, so do it only if you're sure you know what you're doing! **