|
| 1 | +.. _desktop/network: |
| 2 | + |
| 3 | +Network Settings |
| 4 | +================ |
| 5 | + |
| 6 | +In general, Cryptomator does not require a network connection to function. |
| 7 | + |
| 8 | +If the network connection is present, it is used for optional features, i.e. update checks and searching the error database for solutions. |
| 9 | +The only exception is when unlocking :ref:`Cryptomator Hub <hub/introduction>` vaults, then a network connection to the hub server is required. |
| 10 | +All network connections to the internet are using HTTPS with at least TLS 1.2. |
| 11 | + |
| 12 | + |
| 13 | +.. _desktop/network/trust-certificate-management: |
| 14 | + |
| 15 | +Trust Certificate Management |
| 16 | +----------------------------- |
| 17 | +Depending on the OS, the required trusted root certificates are loaded from different locations. |
| 18 | + |
| 19 | ++---------+--------------------------------------------------------------------------------------------------------------------------------+ |
| 20 | +| OS | Trust store | |
| 21 | ++=========+================================================================================================================================+ |
| 22 | +| Linux | | PKCS#12 file ``/etc/cryptomator/certs.p12``; If the file does not exist, the JDK default | |
| 23 | +| | | trust store is used. [1]_ | |
| 24 | ++---------+--------------------------------------------------------------------------------------------------------------------------------+ |
| 25 | +| macOS | System keychain | |
| 26 | ++---------+--------------------------------------------------------------------------------------------------------------------------------+ |
| 27 | +| Windows | | Certificate store "Trusted Root Certification Authorities", with registry path | |
| 28 | +| | | ``HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\`` | |
| 29 | ++---------+--------------------------------------------------------------------------------------------------------------------------------+ |
| 30 | + |
| 31 | +Remarks: |
| 32 | + |
| 33 | +.. [1] For more information about the location and contained certificates, see `JEP 319 <https://openjdk.org/jeps/319>`_. |
| 34 | +
|
| 35 | +
|
| 36 | +.. _desktop/network/proxy-server: |
| 37 | + |
| 38 | +Proxy Server |
| 39 | +------------ |
| 40 | +The default proxy server differs depending on the operating system: |
| 41 | + |
| 42 | ++---------+-----------------------+ |
| 43 | +| OS | Default proxy setting | |
| 44 | ++=========+=======================+ |
| 45 | +| Linux | No proxy | |
| 46 | ++---------+-----------------------+ |
| 47 | +| macOS | Use system proxy | |
| 48 | ++---------+-----------------------+ |
| 49 | +| Windows | Use system proxy | |
| 50 | ++---------+-----------------------+ |
| 51 | + |
| 52 | + |
| 53 | +To change the proxy server, you need to edit :ref:`Cryptomator.cfg <desktop/advanced-settings/locating-system-wide-advanced-configuration>`. |
| 54 | +Open the file in a text editor, search for the line:: |
| 55 | + |
| 56 | + java-options=-Djava.net.useSystemProxies=true |
| 57 | + |
| 58 | +and *if it exists*, only replace the word ``true`` with ``false``. |
| 59 | + |
| 60 | +In the second step, add the following lines to the end of the file:: |
| 61 | + |
| 62 | + java-options=-Dhttp.proxyHost=[1] |
| 63 | + java-options=-Dhttp.proxyPort=[2] |
| 64 | + java-options=-Dhttps.proxyHost=[1] |
| 65 | + java-options=-Dhttps.proxyPort=[2] |
| 66 | + java-options=-Dhttp.nonProxyHosts=localhost|127.0.0.1|cryptomator-vault|[3] |
| 67 | + |
| 68 | +and replace ``[1]`` with the host address of the proxy server, ``[2]`` with the port used on the proxy server and ``[3]`` with the list of host addresses, which should not use the proxy server, separated by '|'. |
0 commit comments