hartacus
New Around Here
Hi,
Asus RT-AC66U B1 running Merlin 386.14_2.
I run my own CA using step-ca on my local network (primarily to access Pi-hole admin interfaces via HTTPS, mostly as a learning experience).
I generated an end-entity certificate signed by the CA and I'm trying to import the private .key and public .crt files to the router so I can access the GUI without a security message from my devices that have the CA's root certificate installed.
I get an error when I do this:
I had a read of this post and then looked at the code as suggested by RMerlin in the last post (posting a new thread so as to not necro that one). I can see the point at which the "Can't get basic constrain" error arises. I've read online that basicConstraints shouldn't need to be set for an end-entity certificate; if it's absent it should be assumed to equal CA:FALSE. I assume that's why step-ca doesn't include that extension on an end-entity certificate, and I haven't been able to find a way to override that. But the upload function doesn't make that assumption, and seems to need an explicitly-set CA:FALSE before it will recognise a certificate as an end-entity certificate.
Am I doing something completely wrong here?
Asus RT-AC66U B1 running Merlin 386.14_2.
I run my own CA using step-ca on my local network (primarily to access Pi-hole admin interfaces via HTTPS, mostly as a learning experience).
I generated an end-entity certificate signed by the CA and I'm trying to import the private .key and public .crt files to the router so I can access the GUI without a security message from my devices that have the CA's root certificate installed.
I get an error when I do this:
Code:
Nov 26 14:01:54 httpd: Can't get basic constrain from /jffs/.cert/cert.pem
Nov 26 14:01:54 httpd: Delete uploaded certificateAm I doing something completely wrong here?
