Sparrow/Umbrel connection, Use SSL off

Hi all, your thoughts on this would be appreciated. thanks!

. Umbrel - Rasp PI4, ethernet, ssd
.Sparrow - win11 laptop

When setting up my Sparrow/Umbrel connection, I followed the Umbrel instructions for Sparrow preferences exactly:
Type: Private Electrum
URL: supplied by Umbrel
Use SSL: on

No joy!

I was able to get the connection working only by turning ‘Use SSL’ off. With the change, I am consistently connecting.

Since this is all Tor (right?) I’m not real worried. But would you consider this connection unsafe/not private?

And one more: the .onion address supplied by Umbrel for the Sparrow connection doesn’t match the .onion address I use to access my Umbrel server directly in the Tor browser (supplied by Umbrel when I set up the Umbrel server). Why is that and is it safety/privacy issue?

Thanks again!

Because you didn’t follow EXACTLY the instructions.
It is very clear there specified that you need to run Tor as a service in your local PC (where is installed Sparrow) and connect Sparrow through that local proxy
You can use also local IP of your node, without Tor.
But you will need to open port in ufw in your node and set a static IP for you node… so more tinkering.

Thanks, DC. But hmmm …

These are the instructions I got from Umbrel (umbrel/local: Connect Wallet/Select Wallet/Sparrow):

Looks like a bone-head mistake on my part, the instructions plainly call for disabling SSL! I read that wrong.

Anyway, it seems my connection set up is fine. Am I missing something?

Yes, what is wrong with disabling SSL on LAN ?
Is somebody else between your router, node and your PC?
I don’t think so… otherwise you would have a much bigger problem.

Thanks again, DC, that makes perfect sense to me. But it does bring up another hmmm…

Since my Private Electrum URL is a .onion site, doesn’t that mean I’m accessing my node via the Tor network? Hence going outside my LAN, 5 hops, etc. Of course, I would assume it also means I’m end to end encrypted even though I’m not using SSL since the last hop is to a .onion site.

Do I have all that right?

Yes, you can use the onion site, but all that traffic is encrypted anyway. That’s Tor. Tor is NOT using https, because is not using ports. Only encrypted packages.
But yes, you can use your internal static IP of your node to connect, without going out on Tor.
Tor connection should be used ONLY if you access your node from outside of your LAN.
Now you can even use the new app in Umbrel Tailscale, making a private VPN to your node. Works great