When you create the cert and ca from v2.3.0 in diversion(ep, 3, 2) it purges the old cert and keys then create the new one. When downgrading to v2.2.1, I did the extreme, uninstall diversion and entware then install diversion, entware packages that includes pixelserv.
I started this thread not because of the certificates, it's fine I actually use it to access the router securely from a Win10, but because pixelserv is not functioning as it should, it's too aggressive that it causes some sites to get blocked and resulting sites to come up blank, instead of blocking a portion of the site(the ad part), it blocks everything. If you have time please click this
https://www.verizon.com/home/myverizon/ while using diversion/pixelserv v2.3.0. I've been wondering if I'm the only one experiencing the results, I've ask two members to do but there are no responses yet.