github.com/sagernet/sing-box@v1.9.0-rc.20/docs/manual/proxy-protocol/trojan.md

github.com/sagernet/sing-box@v1.9.0-rc.20/docs/manual/proxy-protocol/trojan.md (about)

     1  ---
     2  icon: material/horse
     3  ---
     4  
     5  # Trojan
     6  
     7  As the most commonly used TLS proxy made in China, Trojan can be used in various combinations,
     8  but only the combination of uTLS and multiplexing is recommended.
     9  
    10  | Protocol and implementation combination | Specification                                                        | Binary Characteristics | Active Detect Hiddenness |
    11  |-----------------------------------------|----------------------------------------------------------------------|------------------------|--------------------------|
    12  | Origin / trojan-gfw                     | [trojan-gfw.github.io](https://trojan-gfw.github.io/trojan/protocol) | :material-check:       | :material-check:         |
    13  | Basic Go implementation                 | /                                                                    | :material-alert:       | :material-check:         |
    14  | with privates transport by V2Ray        | No formal definition                                                 | :material-alert:       | :material-alert:         |
    15  | with uTLS enabled                       | No formal definition                                                 | :material-help:        | :material-check:         |                             
    16  
    17  ## :material-text-box-check: Password Generator
    18  
    19  | Generate Password          | Action                                                          |
    20  |----------------------------|-----------------------------------------------------------------|
    21  | <code id="password"><code> | <button class="md-button" onclick="generate()">Refresh</button> |
    22  
    23  <script>
    24      function generate() {
    25          const array = new Uint8Array(16);
    26          window.crypto.getRandomValues(array);
    27          document.getElementById("password").textContent = btoa(String.fromCharCode.apply(null, array));
    28      }
    29      generate();
    30  </script>
    31  
    32  ## :material-server: Server Example
    33  
    34  === ":material-harddisk: With local certificate"
    35  
    36      ```json
    37      {
    38        "inbounds": [
    39          {
    40            "type": "trojan",
    41            "listen": "::",
    42            "listen_port": 8080,
    43            "users": [
    44              {
    45                "name": "example",
    46                "password": "password"
    47              }
    48            ],
    49            "tls": {
    50              "enabled": true,
    51              "server_name": "example.org",
    52              "key_path": "/path/to/key.pem",
    53              "certificate_path": "/path/to/certificate.pem"
    54            },
    55            "multiplex": {
    56              "enabled": true
    57            }
    58          }
    59        ]
    60      }
    61      ```
    62  
    63  === ":material-auto-fix: With ACME"
    64  
    65      ```json
    66      {
    67        "inbounds": [
    68          {
    69            "type": "trojan",
    70            "listen": "::",
    71            "listen_port": 8080,
    72            "users": [
    73              {
    74                "name": "example",
    75                "password": "password"
    76              }
    77            ],
    78            "tls": {
    79              "enabled": true,
    80              "server_name": "example.org",
    81              "acme": {
    82                "domain": "example.org",
    83                "email": "admin@example.org"
    84              }
    85            },
    86            "multiplex": {
    87              "enabled": true
    88            }
    89          }
    90        ]
    91      }
    92      ```
    93  
    94  === ":material-cloud: With ACME and Cloudflare API"
    95  
    96      ```json
    97      {
    98        "inbounds": [
    99          {
   100            "type": "trojan",
   101            "listen": "::",
   102            "listen_port": 8080,
   103            "users": [
   104              {
   105                "name": "example",
   106                "password": "password"
   107              }
   108            ],
   109            "tls": {
   110              "enabled": true,
   111              "server_name": "example.org",
   112              "acme": {
   113                "domain": "example.org",
   114                "email": "admin@example.org",
   115                "dns01_challenge": {
   116                  "provider": "cloudflare",
   117                  "api_token": "my_token"
   118                }
   119              }
   120            },
   121            "multiplex": {
   122              "enabled": true
   123            }
   124          }
   125        ]
   126      }
   127      ```
   128  
   129  ## :material-cellphone-link: Client Example
   130  
   131  === ":material-web-check: With valid certificate"
   132  
   133      ```json
   134      {
   135        "outbounds": [
   136          {
   137            "type": "trojan",
   138            "server": "127.0.0.1",
   139            "server_port": 8080,
   140            "password": "password",
   141            "tls": {
   142              "enabled": true,
   143              "server_name": "example.org",
   144              "utls": {
   145                "enabled": true,
   146                "fingerprint": "firefox"
   147              }
   148            },
   149            "multiplex": {
   150              "enabled": true
   151            }
   152          }
   153        ]
   154      }
   155      ```
   156  
   157  === ":material-check: With self-sign certificate"
   158  
   159      !!! info "Tip"
   160          
   161          Use `sing-box merge` command to merge configuration and certificate into one file.
   162  
   163      ```json
   164      {
   165        "outbounds": [
   166          {
   167            "type": "trojan",
   168            "server": "127.0.0.1",
   169            "server_port": 8080,
   170            "password": "password",
   171            "tls": {
   172              "enabled": true,
   173              "server_name": "example.org",
   174              "certificate_path": "/path/to/certificate.pem",
   175              "utls": {
   176                "enabled": true,
   177                "fingerprint": "firefox"
   178              }
   179            },
   180            "multiplex": {
   181              "enabled": true
   182            }
   183          }
   184        ]
   185      }
   186      ```
   187  
   188  === ":material-alert: Ignore certificate verification"
   189  
   190      ```json
   191      {
   192        "outbounds": [
   193          {
   194            "type": "trojan",
   195            "server": "127.0.0.1",
   196            "server_port": 8080,
   197            "password": "password",
   198            "tls": {
   199              "enabled": true,
   200              "server_name": "example.org",
   201              "insecure": true,
   202              "utls": {
   203                "enabled": true,
   204                "fingerprint": "firefox"
   205              }
   206            },
   207            "multiplex": {
   208              "enabled": true
   209            }
   210          }
   211        ]
   212      }
   213      ```
   214