SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > Wireless Networking > ASUS Wireless > Asuswrt-Merlin

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 02-28-2013, 12:17 PM
adolchristin adolchristin is offline
New Member
 
Join Date: Feb 2013
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
adolchristin is just starting out
Default Store https certificate in NVRAM

First of all I'm a recent convert to merlinwrt and I must say that I think it's fantastic.

Is there a way to store the certificate for https in NVRAM so it's not regenerated at boot every time?
Reply With Quote
  #2  
Old 03-01-2013, 10:39 AM
sabot105mm sabot105mm is offline
Member
 
Join Date: Feb 2013
Posts: 47
Thanks: 3
Thanked 4 Times in 1 Post
sabot105mm is just starting out
Default

Look at this. It downloads the cert to jffs dir, much better this way

wget -c -O /jffs/configs/Equifax_Secure_Certificate_Authority.pem http://www.geotrust.com/resources/ro..._Authority.pem

https://github.com/RMerl/asuswrt-mer.../Sending-Email
Reply With Quote
  #3  
Old 03-01-2013, 11:09 AM
adolchristin adolchristin is offline
New Member
 
Join Date: Feb 2013
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
adolchristin is just starting out
Default

I'm not quite sure I understand. So once I have this certificate stored in jffs how do I use it to override the https server certificate in merlin wrt?
Reply With Quote
  #4  
Old 06-18-2013, 05:34 AM
ingenium ingenium is offline
New Member
 
Join Date: Jan 2013
Posts: 4
Thanks: 0
Thanked 4 Times in 2 Posts
ingenium is just starting out
Default

Yeah, how would I set httpd to use this certificate instead of the auto-generated, self-signed one? I want to replace it with one that's trusted on my computers. I don't think it's in the NVRAM anywhere. "nvram show|grep CERTIFICATE" only brought up my VPN certificates. It doesn't look like the process has any more files open:

Code:
admin@RT-AC66U:~# ls -l /proc/`ps | grep 'httpd -s' | awk '{print $1}' | head -1`/fd/*
lr-x------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/0 -> /dev/null
l-wx------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/1 -> /dev/null
lr-x------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/10 -> /tmp/Semaphore3
l-wx------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/11 -> /tmp/Semaphore3
lrwx------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/12 -> socket:[1641]
lrwx------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/13 -> socket:[1728]
l-wx------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/2 -> /dev/null
lrwx------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/3 -> /dev/nvram
lr-x------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/4 -> /tmp/Semaphore0
l-wx------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/5 -> /tmp/Semaphore0
lr-x------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/6 -> /tmp/Semaphore1
l-wx------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/7 -> /tmp/Semaphore1
lr-x------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/8 -> /tmp/Semaphore2
l-wx------    1 admin    root            64 Jun 18 02:27 /proc/557/fd/9 -> /tmp/Semaphore2
I can't figure out what the Semaphore files are for... they all have a 0 byte size.

Last edited by ingenium; 06-18-2013 at 05:36 AM.
Reply With Quote
  #5  
Old 06-18-2013, 01:13 PM
ingenium ingenium is offline
New Member
 
Join Date: Jan 2013
Posts: 4
Thanks: 0
Thanked 4 Times in 2 Posts
ingenium is just starting out
Default

I figured out the default locations for the certificate. It's the same as dd-wrt (I'm guessing the same http server is used).

Put your certificate and key in /jffs/keys. Then add the following to /jffs/scripts/services-start
Code:
mv /tmp/etc/key.pem /tmp/etc/key.pem.bak
mv /tmp/etc/cert.pem /tmp/etc/cert.pem.bak
cp /jffs/keys/key.pem /tmp/etc/key.pem
cp /jffs/keys/cert.pem /tmp/etc/cert.pem
service restart_httpd
Reply With Quote
The Following User Says Thank You to ingenium For This Useful Post:
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -4. The time now is 04:24 AM.


Top 10 Stats
Top Posters* Top Thanked
RMerlin  341
sm00thpapa  228
stevech  185
azazel1024  148
KGB7  138
htismaqe  88
jim769  83
philmiami  77
AcostaJA  69
ColinTaylor  59
RMerlin  5081
stevech  315
ryzhov_al  249
TeHashX  209
RogerSC  187
L&LD  186
joegreat  123
jlake  122
sfx2000  111
sinshiva  111
Most Viewed Threads* Hottest Threads*
Old ASUS RT-N66U...  23755
Old NETGEAR...  12962
Old Switched...  7180
Old 3.0.0.4.376.1...  6739
Old NEW RT-AC68R...  6513
Old ASUS...  5932
Old ASUS RTAC68U...  3483
Old Netgear...  3278
Old ASUS...  2937
Old N66U daily...  2840
Old ASUS RT-N66U...  169
Old NETGEAR...  161
Old Switched...  63
Old NEW RT-AC68R...  56
Old ASUS...  55
Old N66U daily...  47
Old Which router...  41
Old ASUS RTAC68U...  41
Old Netgear...  41
Old ASUS...  38


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.