Hi,
I'm trying to install a Let's Encrypt certificate on my RT-AC66U B1. I have a custom domain using Cloudflare as the DNS provider.
I can't use the WAN - DDNS page in my router settings to achieve this as my router does not have the 'custom' server option that I see others use online.
I started using the acme.sh client on my router to get the certificate, but I'm struggling to install the certificate and get the web UI to use the new certificate. My router will always present the default certificate - the one for router.asus.com.
The process I've been using so far is:
# Enter Cloudflare info
export CF_Key="abcxys..."
export CF_Email="xxxx@abc.com"
export CF_Token="abcxys..."
export CF_Account_ID="123..."
# Command to issue cert
./acme.sh --issue --dns dns_cf -d example.com
This then prompts me to add a txt dns record to verify ownership, after doing so I then re-run the above issue command with --renew.
After this I have a cert, key, ca and full chain cert in a temporary directory on my router.
I then copy the key and full chain cert to another directory eg. /jffs/.cert, then run the following to install it:
acme.sh --install-cert --domain example.com --key-file /jffs/.cert/key.pem --fullchain-file /jffs/.cert/cert.pem --reloadcmd 'service restart_httpd'
I've also tried another directory eg. /tmp/.cert with the same result.
I've checked the contents of the files and they seem to be correct (I was getting blank files until I added the export commands above).
I'm on the stock Asus firmware, 3.0.0.4.386_48262-g5071673.
Any pointers on how to proceed?
Thanks.
I'm trying to install a Let's Encrypt certificate on my RT-AC66U B1. I have a custom domain using Cloudflare as the DNS provider.
I can't use the WAN - DDNS page in my router settings to achieve this as my router does not have the 'custom' server option that I see others use online.
I started using the acme.sh client on my router to get the certificate, but I'm struggling to install the certificate and get the web UI to use the new certificate. My router will always present the default certificate - the one for router.asus.com.
The process I've been using so far is:
# Enter Cloudflare info
export CF_Key="abcxys..."
export CF_Email="xxxx@abc.com"
export CF_Token="abcxys..."
export CF_Account_ID="123..."
# Command to issue cert
./acme.sh --issue --dns dns_cf -d example.com
This then prompts me to add a txt dns record to verify ownership, after doing so I then re-run the above issue command with --renew.
After this I have a cert, key, ca and full chain cert in a temporary directory on my router.
I then copy the key and full chain cert to another directory eg. /jffs/.cert, then run the following to install it:
acme.sh --install-cert --domain example.com --key-file /jffs/.cert/key.pem --fullchain-file /jffs/.cert/cert.pem --reloadcmd 'service restart_httpd'
I've also tried another directory eg. /tmp/.cert with the same result.
I've checked the contents of the files and they seem to be correct (I was getting blank files until I added the export commands above).
I'm on the stock Asus firmware, 3.0.0.4.386_48262-g5071673.
Any pointers on how to proceed?
Thanks.
