ContextQMD
Back to Sing Box

Trojan

docs/manual/proxy-protocol/trojan.md

1.13.115.2 KB
Original Source

Trojan

Trojan is the most commonly used TLS proxy made in China. It can be used in various combinations.

Protocol and implementation combinationSpecificationResists passive detectionResists active probes
Origin / trojan-gfwtrojan-gfw.github.io:material-check::material-check:
Basic Go implementation/:material-alert::material-check:
with privates transport by V2RayNo formal definition:material-alert::material-alert:
with uTLS enabledNo formal definition:material-help::material-check:

:material-text-box-check: Password Generator

Generate PasswordAction
<code id="password"><code><button class="md-button" onclick="generate()">Refresh</button>
<script> function generate() { const array = new Uint8Array(16); window.crypto.getRandomValues(array); document.getElementById("password").textContent = btoa(String.fromCharCode.apply(null, array)); } generate(); </script>

:material-server: Server Example

=== ":material-harddisk: With local certificate"

```json
{
  "inbounds": [
    {
      "type": "trojan",
      "listen": "::",
      "listen_port": 8080,
      "users": [
        {
          "name": "example",
          "password": "password"
        }
      ],
      "tls": {
        "enabled": true,
        "server_name": "example.org",
        "key_path": "/path/to/key.pem",
        "certificate_path": "/path/to/certificate.pem"
      },
      "multiplex": {
        "enabled": true
      }
    }
  ]
}
```

=== ":material-auto-fix: With ACME"

```json
{
  "inbounds": [
    {
      "type": "trojan",
      "listen": "::",
      "listen_port": 8080,
      "users": [
        {
          "name": "example",
          "password": "password"
        }
      ],
      "tls": {
        "enabled": true,
        "server_name": "example.org",
        "acme": {
          "domain": "example.org",
          "email": "[email protected]"
        }
      },
      "multiplex": {
        "enabled": true
      }
    }
  ]
}
```

=== ":material-cloud: With ACME and Cloudflare API"

```json
{
  "inbounds": [
    {
      "type": "trojan",
      "listen": "::",
      "listen_port": 8080,
      "users": [
        {
          "name": "example",
          "password": "password"
        }
      ],
      "tls": {
        "enabled": true,
        "server_name": "example.org",
        "acme": {
          "domain": "example.org",
          "email": "[email protected]",
          "dns01_challenge": {
            "provider": "cloudflare",
            "api_token": "my_token"
          }
        }
      },
      "multiplex": {
        "enabled": true
      }
    }
  ]
}
```

:material-cellphone-link: Client Example

=== ":material-web-check: With valid certificate"

```json
{
  "outbounds": [
    {
      "type": "trojan",
      "server": "127.0.0.1",
      "server_port": 8080,
      "password": "password",
      "tls": {
        "enabled": true,
        "server_name": "example.org"
      },
      "multiplex": {
        "enabled": true
      }
    }
  ]
}
```

=== ":material-check: With self-sign certificate"

!!! info "Tip"
    
    Use `sing-box merge` command to merge configuration and certificate into one file.

```json
{
  "outbounds": [
    {
      "type": "trojan",
      "server": "127.0.0.1",
      "server_port": 8080,
      "password": "password",
      "tls": {
        "enabled": true,
        "server_name": "example.org",
        "certificate_path": "/path/to/certificate.pem"
      },
      "multiplex": {
        "enabled": true
      }
    }
  ]
}
```

=== ":material-alert: Ignore certificate verification"

```json
{
  "outbounds": [
    {
      "type": "trojan",
      "server": "127.0.0.1",
      "server_port": 8080,
      "password": "password",
      "tls": {
        "enabled": true,
        "server_name": "example.org",
        "insecure": true
      },
      "multiplex": {
        "enabled": true
      }
    }
  ]
}
```