[GH-ISSUE #1913] [RFC] frp should have TLS certificate auth #1516

New issue

Closed

opened 2026-05-05 12:57:32 -06:00 by gitea-mirror · 5 comments

gitea-mirror commented 2026-05-05 12:57:32 -06:00

Owner

Copy link

Originally created by @ghost on GitHub (Jul 22, 2020).
Original GitHub issue: https://github.com/fatedier/frp/issues/1913

https://golang.org/src/crypto/tls/auth.go

As a sad story said. the FRP token base auth may be a bit weakness.

So please provided us the TLS certificate auth.

User must have the valid private cert , to pass the auth progress.

Originally created by @ghost on GitHub (Jul 22, 2020). Original GitHub issue: https://github.com/fatedier/frp/issues/1913 https://golang.org/src/crypto/tls/auth.go <img width="627" alt="微信图片_20200722165213" src="https://user-images.githubusercontent.com/66301650/88156532-24756980-cc3c-11ea-8659-cb19359f5a2d.png"> As a sad story said. the FRP token base auth may be a bit weakness. So please provided us the TLS certificate auth. User must have the valid private cert , to pass the auth progress.

gitea-mirror 2026-05-05 12:57:32 -06:00

• closed this issue
• added the
  todo
  label

gitea-mirror commented 2026-05-05 12:57:35 -06:00

Author

Owner

Copy link

@fatedier commented on GitHub (Jul 23, 2020):

We have already planned to support the certificate auth for TLS.

But maybe it's doesn't solve the problem in the image you paste. stcp is designed to avoid this security issue.

<!-- gh-comment-id:662854155 --> @fatedier commented on GitHub (Jul 23, 2020): We have already planned to support the certificate auth for TLS. But maybe it's doesn't solve the problem in the image you paste. [stcp](https://github.com/fatedier/frp#expose-your-service-privately) is designed to avoid this security issue.

gitea-mirror commented 2026-05-05 12:57:36 -06:00

Author

Owner

Copy link

@ghost commented on GitHub (Jul 23, 2020):

I am using sctp already, but the authenticated really really need to improve. Not just by token. it's short and may be crack .
The certificate may be harder to crack

<!-- gh-comment-id:662871132 --> @ghost commented on GitHub (Jul 23, 2020): I am using sctp already, but the authenticated really really need to improve. Not just by token. it's short and may be crack . The certificate may be harder to crack

gitea-mirror commented 2026-05-05 12:57:37 -06:00

Author

Owner

Copy link

@limaofu commented on GitHub (Aug 17, 2020):

你这个情况和frp有什么关系吗？

<!-- gh-comment-id:674744871 --> @limaofu commented on GitHub (Aug 17, 2020): 你这个情况和frp有什么关系吗？

gitea-mirror commented 2026-05-05 12:57:38 -06:00

Author

Owner

Copy link

@QQ2017 commented on GitHub (Aug 19, 2020):

你这个是应用本身的安全问题，并不是网络代理软件的问题。你应该使用STCP模式。

<!-- gh-comment-id:675884813 --> @QQ2017 commented on GitHub (Aug 19, 2020): 你这个是应用本身的安全问题，并不是网络代理软件的问题。你应该使用STCP模式。

gitea-mirror commented 2026-05-05 12:57:38 -06:00

Author

Owner

Copy link

@fatedier commented on GitHub (Sep 21, 2020):

Supported in v0.34.0

<!-- gh-comment-id:696131468 --> @fatedier commented on GitHub (Sep 21, 2020): Supported in v0.34.0

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

dev

new

master

copilot/review-pull-request-5198

v0.68.1

v0.68.0

v0.67.0

v0.66.0

v0.65.0

v0.64.0

v0.63.0

v0.62.1

v0.62.0

v0.61.2

v0.61.1

v0.61.0

v0.60.0

v0.59.0

v0.58.1

v0.58.0

v0.57.0

v0.56.0

v0.55.1

v0.55.0

v0.54.0

v0.53.2

v0.53.1

v0.53.0

v0.52.3

v0.52.2

v0.52.1

v0.52.0

v0.51.3

v0.51.2

v0.51.1

v0.51.0

v0.50.0

v0.49.0

v0.48.0

v0.47.0

v0.46.1

v0.46.0

v0.45.0

v0.44.0

v0.43.0

v0.42.0

v0.41.0

v0.40.0

v0.39.1

v0.39.0

v0.38.0

v0.37.1

v0.37.0

v0.36.2

v0.36.1

v0.36.0

v0.35.1

v0.35.0

v0.34.3

v0.34.2

v0.34.1

v0.34.0

v0.33.0

v0.32.1

v0.32.0

v0.31.2

v0.31.1

v0.31.0

v0.30.0

v0.29.1

v0.29.0

v0.28.2

v0.28.1

v0.28.0

v0.27.1

v0.27.0

v0.26.0

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.1

v0.24.0

v0.23.3

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.0

v0.19.1

v0.19.0

v0.18.0

v0.17.0

v0.16.1

v0.16.0

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.0

v0.12.0

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.1

v0.8.0

v0.7.0

v0.6.0

v0.5.0

v0.3.0

v0.2.0

v0.1.0

Labels

Clear labels   

In Progress

  

WIP

  

WaitingForInfo

  

bug

  

doc

  

duplicate

  

easy

  

enhancement

  

future

  

help wanted

  

invalid

  

lifecycle/stale

  

need-issue-template

  

need-usage-help

  

no plan

  

proposal

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

todo

No labels

In Progress

WIP

WaitingForInfo

bug

doc

duplicate

easy

enhancement

future

help wanted

invalid

lifecycle/stale

need-issue-template

need-usage-help

no plan

proposal

pull-request

question

todo

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#1516

No description provided.