I have further researched within the forum and found this thread here, where it’s said that Umbrel does not support gRPC connections, which seem to be the case for Impervious browser.
Since Impervious does not currently support TOR connections, a hybrid node becomes a pre-requisite.
Umbrel certificate is generated to support only internal hosts, therefore the following steps need to be taken:
In your lnd.conf, add the following entry under [Application Options]: tlsextradomain=[YOUR_DOMAIN] where you replace [YOUR_DOMAIN] with the DNS created during your hybrid configuration.
There’s also the tlsextraip=[YOUR_IP] entry, but that one would need to be updated every time the node IP changes, so I did not bother adding it.
Remove the certificate and key files so that they can be re-generated with the new configs upon node restart: rm ~/umbrel/app-data/lightning/data/lnd/tls.cert ~/umbrel/app-data/lightning/data/lnd/tls.key
Restart the lightning service
And that’s it! After that, once you generate the hex for your tls.cert file, it will have the proper contents for Impervious browser to reach it and establish a successful connection.
For TLS hex string you can copy the cert file contents ( ~/umbrel/app-data/core-lightning/data/lnd/tls.cert ) and put it into a cert-2-hex converter, or pem-2-hex convert (google it). Then you have the hex string.
You could otherwise install: sudo apt-get install -y xxd to do it like others have said.