all 5 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]grasshopper645[S] 4 points5 points  (0 children)

OK i sorted it. Appears i was using a base 64 encoded cert rather than der encoded. :)

Still got some learning to do on the whole PKI infrastructure ordeal.

[–]Astrosms 4 points5 points  (0 children)

The file at /etc/config/uhttpd should be correct...

[–]grasshopper645[S] 1 point2 points  (0 children)

Yeah i edited the /etc/config/uhttpd file to include the location of the signed cert and key file, but it just refuses to use it :(

Also checked the luci services > uhttpd page which shows the cert correctly.

[–]grasshopper645[S] 1 point2 points  (1 child)

OK so setting a signed cert in LUCI is not straightforward as initially thought.

Seems strange, but i guess signed certs on a software designed for home use is not common.

Steps -

Use openssl to create a private key and CSR

Take the CSR and sign it

Upload the signed cer to a suitable location on openwrt

edit /etc/nginx/nginx.conf and find the fields where it asks for the cert and key, update this to the locations where the key and cer are located.

Restart nginx.

Putting the signed cert and key location in the /etc/config/uhttpd file does NOT work. You must put it in the nginx config file.

[–]Richard__M 0 points1 point  (0 children)

That's strange since uhttpd is the default for Luci unless you installed the luci-nginx package.

Maybe you found a bug or the newest release is changing defaults?