Adding self-signed SSL Certificate, no “Services” available in LuCI to upload HTTPS certificate in uHTTPd

Note that I have posted this in the openwrt forums here.

I am trying to add an SSL certificate to my router so that I can access the router securely, and not worry about any browser warnings. Although I only access the router directly via ethernet, I would still like that extra bit of security. I’m also trying to learn.

I attempted to do this using the openwrt documentation here and elsewhere. I came across some issues. In step 7, it says go to LuCI > Services. There is no Services in my interface. I checked everywhere and couldn’t find it. I am using the GL-iNet GL750 “Mudi”. OpenWrt version 19.07.8.

Is there a way to complete the steps in the terminal, not in the interface?

try do https in nginx. nginx regular webserver for glinet devices AFAIK

https://nginx.org/en/docs/http/configuring_https_servers.html

server {
    listen              443 ssl;
    server_name         www.example.com;
    ssl_certificate     www.example.com.crt;
    ssl_certificate_key www.example.com.key;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    ...
}
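The server block above expects a certificate and key on disk. As an added example (not from the thread, OpenWrt or GL.iNet), the shell functions below create a self-signed pair from the terminal, check that it covers the router's address, and write a matching server block. The name `router.lan`, the address `192.168.8.1` and all file paths are assumptions; it needs OpenSSL 1.1.1 or later for `-addext`.

```shell
# Added example. Names, paths and the address are assumptions, not from the thread.

# make_selfsigned DIR NAME IP: write DIR/NAME.key and DIR/NAME.crt
make_selfsigned() {
    dir=$1 name=$2 ip=$3
    mkdir -p "$dir" || return 1
    # umask 077 in a subshell: the key is never group- or world-readable
    ( umask 077
      openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
          -keyout "$dir/$name.key" -out "$dir/$name.crt" -subj "/CN=$name" \
          -addext "subjectAltName=IP:$ip,DNS:$name" 2>/dev/null ) || return 1
    chmod 644 "$dir/$name.crt"   # certificate is public, key stays 600
}

# cert_matches_key CRT KEY: succeed only if both hold the same public key
cert_matches_key() {
    a=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    b=$(openssl pkey -in "$2" -pubout) || return 1
    [ "$a" = "$b" ]
}

# cert_covers_ip CRT IP: succeed only if IP is an exact subjectAltName entry
cert_covers_ip() {
    openssl x509 -in "$1" -noout -text | tr ',' '\n' |
        sed 's/^ *//; s/ *$//' | grep -Fxq "IP Address:$2"
}

# write_nginx_server CONF CRT KEY NAME (TLSv1/TLSv1.1 omitted: RFC 8996)
write_nginx_server() {
    cat > "$1" <<EOF
server {
    listen              443 ssl;
    server_name         $4;
    ssl_certificate     $2;
    ssl_certificate_key $3;
    ssl_protocols       TLSv1.2 TLSv1.3;
    ssl_ciphers         HIGH:!aNULL:!MD5;
}
EOF
}

# demo: build everything in a scratch directory and print its path
demo() {
    d=$(mktemp -d) || return 1
    make_selfsigned "$d" router.lan 192.168.8.1 &&
    cert_covers_ip "$d/router.lan.crt" 192.168.8.1 &&
    write_nginx_server "$d/https.conf" "$d/router.lan.crt" "$d/router.lan.key" router.lan &&
    echo "$d"
}
```

A self-signed certificate stops the browser warning only after it is imported into the client's trust store and the URL matches one of its subjectAltName entries.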

@4ever_sunshine

I could not find any clear instructions that are relevant to my issue in the link provided. It’s a wall of text that I don’t understand.

I remember copy-pasting code that looked similar to this into my router, using instructions I found elsewhere, but I can’t remember where I got it, and I don’t remember where the file is supposed to go. I removed any new files I made in /etc/ssl. Note that I can no longer access my router in the web UI, but I can ssh into it.

Update: I did a factory reset because I’m pretty sure I borked the software.

To be honest: If you don’t know anything, and you are not familiar with nginx nor basic linux configuration … just stay with the cert that is integrated.

Copy and paste isn’t the solution to your problem.

4ever_sunshine disagree. depend scenario. user say know how to factory reset. One need to break device to inform brain on new things. No inform brain if no try

One get excite by copypaste … one take time inform brain

any birds::

Does process here help?

---------------No recommend after steps until one has knowledge-------------------------

To additional security

  1. create the nonroot user

  2. Set cap on port so nginx run non root but also can use port 80/443

another chance::

this one very create I like and my go ahead … allow extra debug position, can route different 80 port traffic to different services for origination characters different

  1. set nginx to run as non root user
  2. set permissions of cert+key to non root user

still is hole because root can achieve cert+key because root but one should be using non-root root up account only by regular. one can fix by running modify root account… not recommend for stable env until one know why happens happen, but here words to inform

or

  1. better try step 4 attributes and nill root user logins/usage
    chattr(1) - Linux manual page

many more option, more words if interest

That’s a far cry from what I said. I didn’t say I don’t know anything. I said the article linked doesn’t provide any instructions whatsoever and so I cannot intuit how to proceed to fix my issue. I have more than basic Linux knowledge, and I assure you that I actually want to get this done. At the very least I want to learn how to do it. I am in fact studying computer security, and I’ve played around with nginx a little bit in the past.

So it shouldn’t be any problem.

It’s just nginx. Nothing special at all.

Good lord, are you trying to sound incomprehensible or is that how you normally type?

The article you linked to install an SSL certificate doesn’t seem relevant to me. They’re assuming I received my SSL certificate in a zip file, with server, root and intermediate certificates. I’m fairly certain I don’t need those. I’m going with a self-signed certificate; I’m guessing they are for domain certificates that you get from, say, LetsEncrypt. In any case, all of the research I’ve done to create self-signed certificates has not involved any of the steps involved in that article. I’ve already done it with my home router.

It’s a problem if I don’t have any instructions. That’s kind of the point of my post.

But you do have access to google and all the other places where people can search for things.

„nginx ssl how“ is enough to get plenty of results.

Play around with it.

And as learning resource: glinet.forum/scripts/enable-acme/enable-acme.sh at main · Admonstrator/glinet.forum · GitHub

words leave keyboard it all same
process all same cert chain or no cert chain

@admon 🙂 good infos