
What Information Is Revealed When Using Tor and/or HTTPS - af16090
https://www.eff.org/pages/tor-and-https
======
LinuxBender
Does LetsEncrypt support .onion sites yet?

~~~
af16090
According to this Stack Overflow answer, it's not necessary to add HTTPS to
.onion sites: [https://tor.stackexchange.com/questions/6447/do-all-onion-
ad...](https://tor.stackexchange.com/questions/6447/do-all-onion-addresses-
use-ssl-tls)

Part four of this post also discusses HTTPS certs for .onion sites:
[https://blog.torproject.org/blog/facebook-hidden-services-
an...](https://blog.torproject.org/blog/facebook-hidden-services-and-https-
certs)

~~~
LinuxBender
Thankyou for that. I might contact Digicert and get one to test with. I can
see a use case where tor proxy -> server needs TLS. Tor can not protect that
last hop if it isn't on the same machine.

