the fast, reliable localhost tunneling solution

Connection Problems on Debian 9

By Bjarni RĂșnar 2017-10-14, 18:57

We have been getting multiple reports that users of on recent distributions (mostly Debian 9 or distributions derived from Debian 9) have been having difficulties connecting to the our relay servers.

This is due to the fact that Debian 9 stopped shipping the CA Certificate for StartCom, which we are still relying on for a few things. This is (in our opinion) a misguided bit of security theater - our certificate was issued before the problems which caused StartCom to lose their status as a Certificate Authority and there is no reason to believe it has been compromised in any way. As far as I know, the browser vendors by and large still trust it, but Debian decided to remove it anyway.

We are working on an update to to work around the problem until we can switch certificates. This has taken longer than we had hoped, but should be public within the next few weeks.

In the meantime, we recommend the following workarounds.

For use of on the CLI:

$ --ca_certs=$(which ...

Alternately, update your configuration. In either /etc/pagekite.d/20_frontends.rc (for PageKite running as a daemon) or ~/.pagekite.rc, add the following line:

ca_certs = /path/to/

If you have installed the Debian package, then use the path to pagekite instead of The correct path can be found by using the command which pagekite or which (whichever command you use to launch PageKite).


None, comments are closed.

The Blog

Welcome to the PageKite blog!

Here we write about anything and everything to do with running the service, building a company, open-source, privacy online... you name it.

But mostly it's about PageKite.

Other venues