Can't use meek with any domain.

[itslannas]

I have been using meek-client to connect to Tor, using Cloudfront.
I know Amazon has blocked domain fronting, but in my case, there is no need for domain fronting. I'm just using ​https://d2cly7j4zqgua7.cloudfront.net/ without fronting to connect, as *.cloudfront.net is whitelisted on the firewall. The problem is it just won't finish the handshake. I've even tried creating a cloudfront distribution myself, or hosting it on my own domain (on another network), and testing it but it just won't connect.

May 14 22:53:09.000 [warn] Problem bootstrapping. Stuck at 10%: Finishing handshake with directory server. (DONE; DONE; count 6; recommendation warn; host 0000000000000000000000000000000000000000 at 0.0.0.0:2)
May 14 22:53:09.000 [warn] 6 connections have failed:
May 14 22:53:09.000 [warn] 6 connections died in state handshaking (TLS) with SSL state SSLv2/v3 read server hello A in HANDSHAKE

[cypherpunks]

d2cly7j4zqgua7.cloudfront.net

This distribution is down by amazon request.

I've even tried creating a cloudfront distribution myself

What "Origin Domain Name" used?

hosting it on my own domain (on another network)

Which way? Reflector? Meek bridge?

[cypherpunks]

Try using meek-azure, that bridge is still working.

[dcf]

If you don't need a front, you can just connect to a bridge directly, like this:

Bridge meek 0.0.2.0:2 url=https://meek.bamsoftware.com/

comment:3 is right, for now you should be able to use the azure bridge, with or without fronting

Bridge meek 0.0.2.0:3 97700DFE9F483596DDA6264C4D7DF7641E1E39CE url=https://meek.azureedge.net/ front=ajax.aspnetcdn.com
Bridge meek 0.0.2.0:3 97700DFE9F483596DDA6264C4D7DF7641E1E39CE url=https://meek.azureedge.net/

(But also be aware that we are probably going to modify that CDN configuration soon, so the something.azureedge.net part will change.)

For hosting your own CloudFront distribution, there are some hints at doc/meek#AmazonCloudFront.