Menu
What's new
By:
Filters Better Search

Certificate Verification issue with RT-N66U

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

P

programatix

Occasional Visitor
Hi,

I'm new with AsusWRT-Merlin and I'm encountering problem accessing HTTPS site from SSH.

When I tried executing WGET with HTTPS, I get, "ERROR: cannot verify ... certificate".

The same thing happen when I tried to use EASY_INSTALL. It would complain SSL: CERTIFICATE_VERIFY_FAILED.

Apparently from the search in the internet, I came to understand that I'm missing the CA certs in the router. However, I couldn't find the way to install or update them.

Any would be greatly appreciated. Thanks in advance.
 
I also await with interest an authoritative answer to your question.

In the meantime, did you see what you get if you try the same thing from Putty or from a Linux terminal?

Reading around it seems server authentication using certificates in ssh, rather than (or as well as?) the standard hashed fingerprint, is a relatively recent introduction and not all that common.
 
Last edited:
Use Curl instead. I configured it to use a CA bundle that I added to the firmware, but the wget build Asus added a few months ago does not point to the same CA list.

You can also manually point wget to the CA bundle:

Code: 
wget https://www.google.com --ca-certificate=/rom/ca-bundle.crt
 
Hi,

I now encountering more problem related to root certificate. Python scripts that accessed HTTPS site also have this very same issue. Is there a way to make Python to point to the CA bundle?
 
programatix said:
Hi,

I now encountering more problem related to root certificate. Python scripts that accessed HTTPS site also have this very same issue. Is there a way to make Python to point to the CA bundle?
Click to expand...

Since Python is not part of the firmware, that will be up to whoever packaged your Python build.
 
Hi,

Ok. I think I resolved the problem. It turns out that I just need to install the ca-certificates package. A simple,
Code: 
opkg install ca-certificates
resolves the issue.

Thanks for all the help.
 
You must log in or register to reply here.

Similar threads

M
Importing own certificate broken on 3004.388.6 ?
Replies
9
Views
2K
RMerlin
RMerlin
N
Solved Unable to connect to VPN server with self-signed certificate
Replies
0
Views
815
nino_070
N
Rana Imran
Traffic Analyzer Stats Issue on ASUS RT-AX82U AiMesh System
Replies
1
Views
617
Rana Imran
Rana Imran
J
Help/advice needed for accessing GT-AX11000 SMB shares from WSL
Replies
6
Views
445
DJones
D
R
Solved At Wits End. OpenVPN Certificate Connection issue with Asus Router
Replies
4
Views
2K
Clark Griswald
Clark Griswald
Similar threads
Thread starter Title Forum Replies Date
hartacus Import own certificate from step-ca Asuswrt-Merlin 0
N HTTPS/SSL Certificate issue when using WWW.NAMECHEAP.COM in DDNS Asuswrt-Merlin 4
M DuckDNS DDNS with Let's Encrypt certificate Asuswrt-Merlin 1
M Importing own certificate broken on 3004.388.6 ? Asuswrt-Merlin 9
TheAccountOfTeo997 Router using wrong Certificate after update to 3004.388.6 Asuswrt-Merlin 7
Skeptical.me DDNS>Webui SSL Certificate>Server Certificate: "Authorizing” Asuswrt-Merlin 8
J Why do I need a Let's Encrypt certificate? Asuswrt-Merlin 11
N Solved Unable to connect to VPN server with self-signed certificate Asuswrt-Merlin 0
D WAN IP and hostname verification not respecting interval Asuswrt-Merlin 2
C "Disassociated because sending station is leaving (or has left)" - Roaming issue? Asuswrt-Merlin 3

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 907 (members: 31, guests: 876)
Top