User Tools

Site Tools


docs:tips_n_tricks:tomato.html

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
docs:tips_n_tricks:tomato.html [15.02.2019 15:55 CET] – [Using https with your own CA] peterdocs:tips_n_tricks:tomato.html [15.02.2019 15:55 CET] – [Using https with your own CA] peter
Line 1: Line 1:
 ====== Tomato ====== ====== Tomato ======
 ===== Using https with your own CA ===== ===== Using https with your own CA =====
-<note important>It seems, you first have to create the key/certificate pair with the subject configured in //TomatoUSB//s web gui. Otherwise it will be regenerated at next boot, overwriting your custom certificate.</note>+<note important>It seems, you first have to create the key/certificate pair with the desired subject configured in //TomatoUSB//s web gui. Otherwise it will be regenerated at next boot, overwriting your custom certificate.</note>
 One advantage of open source firmware is the ability to use //https// for accessing the web based configuration tools (aka Web GUI). However, with Tomato USB there is no obvious option to upload a signed certificate. If you're running your own Home-CA, eg. by using [[https://github.com/chris2511/xca/|XCA]] you want to sign it, so none of the browsers in your household complains about the selfsigned certificate of you router. I assume you have //ssh// access to your router, so you can copy files from and to the router by //scp//. First of all, you need to have "store tor NVRAM" enabled for your https certificate in the //Tomato USB// configuration. Now go to your favourite computer running a decent shell and copy two files to your working directory: One advantage of open source firmware is the ability to use //https// for accessing the web based configuration tools (aka Web GUI). However, with Tomato USB there is no obvious option to upload a signed certificate. If you're running your own Home-CA, eg. by using [[https://github.com/chris2511/xca/|XCA]] you want to sign it, so none of the browsers in your household complains about the selfsigned certificate of you router. I assume you have //ssh// access to your router, so you can copy files from and to the router by //scp//. First of all, you need to have "store tor NVRAM" enabled for your https certificate in the //Tomato USB// configuration. Now go to your favourite computer running a decent shell and copy two files to your working directory:
  
docs/tips_n_tricks/tomato.html.txt · Last modified: 03.05.2021 19:08 CEST by peter

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki