Changed my LAN IP to 192.168.9.1 (I have multiple GL.iNet routers and am routing between them along with my core network)
The issue this causes is that the /etc/config/gl_nas/ssl_webdav.pem file is encoded with 192.168.8.1 as the IP address. Clients attempting to access throw an error saying that it's for the old IP instead of the new IP.
I need to have a way to regenerate the pem file with the new LAN IP address.
Note that this is NOT for basic web access - this is for WebDAV over HTTPS
Hi,
I try to test in my MT3000 with v4.7.4, it seems not reproduce this issue, and the /etc/config/gl_nas/ssl_webdav.pem seems not point to 192.168.8.1, only records cert info.
Summary
root@GL-MT3000:~# cat /etc/config/gl_nas/ssl_webdav.pem
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC7VxJQO2y9493b
h0xvPUuBwASqz18KfL70hy84JMEA3BwxlRnBf5PBQLMiGbxonXfQJNLR9syK32xC
NF9CZUBy/jlOufYTfCfiKhEVtOVSGtVyrHLFLg4CbtUKc34fxkdMy9tTMuszzET6
iiVzswpPlm8P9we2Wdp7xiNYdD/CSvIdiJqs5og3G+byj7wNMTPkswCNYan6QjVp
z9MUGwWMp/62ch7HZ0qj4mmfOZTxcA83fVTnQJBlWEHjNZgZTfIkPHvV5RmHRNdh
i4F1C0MaXyA6TVxqFKBzsUsbB3qm1hEKdodlnPlgVHNR00gnHIDViUiyqtUeKcLR
G2M8NnNHAgMBAAECggEBAIZnH4JkP820LzUSSmn8RbGeuzp4cC0r9iuk2OGkrLsb
Lzb7S3EhQDYDXwD2Cc/cOVshMAbm0zRGunp87GLMFYLqlN7AV6T/C/YcTAmQsH1J
Nx2ATw7bzb09GqbW2QOe0wRrtLxp6YhN4qcEeX4aUylqOd/wUJ4otLDcI/uP2zZe
KDmrUwVSocmJbpnl0DLr4/MYax6ilO5JRMujv13NlEDzZUlIraspUSAQHjhBy6qy
vkDUKxEnxALaWP87nwxEif7TUV7ZisaN3ILzdKiScNbLOl5Go/qntujIFpW8E4kT
Qm4lfIHXJ3JSN79xtECYvXQaUW2BtIfEMzjnavYUDuECgYEA3Wgq3LPeNe4VdvSm
8Ed6eJ+wNjQwgeEKutd8RZ8eYLpFIiuWMgH52f8TUIqxM0NjuGoPCCHM5z3TeDLE
vW41wtWVAy+KPAkA78PxFTQ3hweZf72XcHV9xL9TdXBBIvRXmkLW2ign7naEp3hV
JwFKQiK06+x1Z40Q+cUgHeA33ukCgYEA2JxNFp7IXJXz059+37IteeffF/k5lmHQ
yRGT1qAojL4L7gQq7vuNtvtqt67WC6aLCyJP0iYfr5YvqnXoHSYlwGmexQF2Q91I
eParDZzm+sHUkmCLhxcfE6FLLzkNfL9tJD2yzlCipsmoMOUERzn7rdIdvPCd7w5a
qT5dDxQFQq8CgYEApPVDWgQ4/v1PyL0m08atnMl9RCVGLr44fFSoJkcTHwYpE/hd
gwyt1pmRDmUG+SawWWnLoUdtnqwVrmxE4M4ICA2RZDo7R9d9dyYJrL6m0Ff9KYtc
FVG0Tq4txEXKgfyCeFBsO0XH2oc69ntVFiaD6RpqqYwXPPuBNlaEQz4W4mECgYAP
UcaV8fbjrWtILUCQ244h0AdUL7kl7JcSkV6uUDdt9MbtN3g93KaiKVfb086plkbB
K9UPXMji5zFJ0frvjNIgsJedAUR2+kB05aUlWlJvq6O4EoHrtPPqtH6XwWY1y2gR
pxdtRgCq4Ro3EwthajVljrWxtibFUHOTAqkcNuNEWwKBgHvPJEfBrv+Ao+KLvu4P
D2fMa5LlMId4lCrRStp1pDI6jIBMqgtKP28cel3d2yF6oowBCMKioo5O7qRfEbu+
Wo8jHr1PwulhSDXw9kRSkzGGPrcGrE8xAII3sv1F5OOzjuCKFDcB5wJpmDWt6GeW
bDxfnMAnLO5Q+KrdEOXfvfAq
-----END PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIIDoDCCAoigAwIBAgIUNsOaqAcGmEzzEyAdS1mUmUx/m24wDQYJKoZIhvcNAQEL
BQAwZDELMAkGA1UEBhMCSEsxEjAQBgNVBAgMCUhvbmcgS29uZzESMBAGA1UEBwwJ
SG9uZyBLb25nMQ8wDQYDVQQKDAZHTGlOZXQxHDAaBgNVBAMME2NvbnNvbGUuZ2wt
aW5ldC5jb20wHhcNMjUwMjEzMDYyMDA4WhcNMjcwMjEzMDYyMDA4WjBkMQswCQYD
VQQGEwJISzESMBAGA1UECAwJSG9uZyBLb25nMRIwEAYDVQQHDAlIb25nIEtvbmcx
DzANBgNVBAoMBkdMaU5ldDEcMBoGA1UEAwwTY29uc29sZS5nbC1pbmV0LmNvbTCC
ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALtXElA7bL3j3duHTG89S4HA
BKrPXwp8vvSHLzgkwQDcHDGVGcF/k8FAsyIZvGidd9Ak0tH2zIrfbEI0X0JlQHL+
OU659hN8J+IqERW05VIa1XKscsUuDgJu1Qpzfh/GR0zL21My6zPMRPqKJXOzCk+W
bw/3B7ZZ2nvGI1h0P8JK8h2ImqzmiDcb5vKPvA0xM+SzAI1hqfpCNWnP0xQbBYyn
/rZyHsdnSqPiaZ85lPFwDzd9VOdAkGVYQeM1mBlN8iQ8e9XlGYdE12GLgXULQxpf
IDpNXGoUoHOxSxsHeqbWEQp2h2Wc+WBUc1HTSCccgNWJSLKq1R4pwtEbYzw2c0cC
AwEAAaNKMEgwCwYDVR0PBAQDAgXgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMCQGA1Ud
EQQdMBuCE2NvbnNvbGUuZ2wtaW5ldC5jb22HBMCoCAEwDQYJKoZIhvcNAQELBQAD
ggEBAGMxMshnw8Km9Y+0+bX7ENMrEouKrUvgQiUqQ4kWLKlWYU9b4oStRSUWcJNV
oEXwhf4KnbwQcNc0mCMxmND1r/zpMwuhpBm5+MlUFDmFqW1sSeON5V3jVoW+tn0B
coA2D1BX0wYRVHJMqFD9hNcUbZw+ux4BDZlBFz63pcwGgLzKbcVFrDUDlHG2GGWG
jY1yBf576pK4Ke+4EArAz9p7TUKBWysIlstw41VFiSdyNfzJ8+4NurfeFMlR/MNS
8PfWKOIF1ycBc51AryiweEDdY9CS1T1WPPAcchGOSjGuFS9y5Zw6PY6cGVSRDdQs
UgpfpHl7o9AnL2HI4ULJ2aM4vLg=
-----END CERTIFICATE-----
Yeah not sure how our steps were different in the changing of LAN IP/network. I'm not sure where in the setup workflow the .pem file gets created and/or refreshed. Can you confirm that the .pem is supposed to be re-created when the LAN IP gets changed? I could try changing my LAN IP to 192.168.10.X and then back to 192.168.9.X and see if it refreshes - but that's a wasted step if the .pem is not recreated upon save of the new LAN IP.
Same issue here. Tried using webdav (usb harddrive). Connecting by webdav gives "certificate is for 192.168.8.1" but I (had to) change this.
I wanted to use restic-backup (via rclone) and rclone stops with such a "wrong" certificate". Filemaneger (Nautilus on Linux) runs it, but only after manual confirmation. Seems to be, that the router (AX-1800, Firmware 4.6.8) does not update certificate under /etc/config/gl_nas/ssl_webdav.pem whern changing router IP.
How to do this manually?
Yup - that's basically what I saw too - in my case using TrueNAS with a WebDAV credential and doing a Cloud Sync. Throws a similar error that the credential is for the wrong IP.