Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # https://gist.github.com/davidbalbert/6815258
- #
- # First, enable SSH in the Administration->System tab.
- # Then log in to the device.
- # Verify that https_crt_save is off
- admin@RT-N66U:/tmp/home/root# nvram get https_crt_save
- 0
- # Enable https_crt_save and verify that it was set correctly
- admin@RT-N66U:/tmp/home/root# nvram set https_crt_save=1
- admin@RT-N66U:/tmp/home/root# nvram get https_crt_save
- 1
- # Write your custom key and certificate to the ephemeral file system.
- # Note that these files will not be preserved on restart.
- admin@RT-N66U:/tmp/home/root# cat >/etc/key.pem
- # paste in key
- admin@RT-N66U:/tmp/home/root# cat >/etc/cert.pem
- # paste in cert
- # Verify https_crt_file is empty
- admin@RT-N66U:/tmp/home/root# nvram get https_crt_file
- admin@RT-N66U:/tmp/home/root#
- # Restart httpd. When httpd starts up with https_crt_save enabled, it does the
- # following: If /etc/cert.pem and /etc/key.pem exist, it tars them together and
- # saves them in https_crt_file. If they do not exist (this would be the case
- # on reboot) and https_crt_file exists, httpd will extract the contents of
- # https_crt_file. You can see how this works in the start_ssl function here:
- # https://github.com/RMerl/asuswrt-merlin/blob/master/release/src/router/httpd/httpd.c
- admin@RT-N66U:/tmp/home/root# service restart_httpd
- # Ensure https_crt_file is now full
- admin@RT-N66U:/tmp/home/root# nvram get https_crt_file
- # ...snip...
- # Reboot AP to make sure cert is put back on boot
- admin@RT-N66U:/tmp/home/root# reboot
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement