User Tools

Site Tools


docs:tips_n_tricks:tomato.html

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
docs:tips_n_tricks:tomato.html [07.11.2018 01:05 UTC]
peter [Using https with your own CA]
docs:tips_n_tricks:tomato.html [15.02.2019 14:55 UTC] (current)
peter [Using https with your own CA]
Line 1: Line 1:
 ====== Tomato ====== ====== Tomato ======
 ===== Using https with your own CA ===== ===== Using https with your own CA =====
 +<note important>​It seems, you first have to create the key/​certificate pair with the desired subject configured in //​TomatoUSB//​s web gui. Otherwise it will be regenerated at next boot, overwriting your custom certificate.</​note>​
 One advantage of open source firmware is the ability to use //https// for accessing the web based configuration tools (aka Web GUI). However, with Tomato USB there is no obvious option to upload a signed certificate. If you're running your own Home-CA, eg. by using [[https://​github.com/​chris2511/​xca/​|XCA]] you want to sign it, so none of the browsers in your household complains about the selfsigned certificate of you router. I assume you have //ssh// access to your router, so you can copy files from and to the router by //scp//. First of all, you need to have "store tor NVRAM" enabled for your https certificate in the //Tomato USB// configuration. Now go to your favourite computer running a decent shell and copy two files to your working directory: One advantage of open source firmware is the ability to use //https// for accessing the web based configuration tools (aka Web GUI). However, with Tomato USB there is no obvious option to upload a signed certificate. If you're running your own Home-CA, eg. by using [[https://​github.com/​chris2511/​xca/​|XCA]] you want to sign it, so none of the browsers in your household complains about the selfsigned certificate of you router. I assume you have //ssh// access to your router, so you can copy files from and to the router by //scp//. First of all, you need to have "store tor NVRAM" enabled for your https certificate in the //Tomato USB// configuration. Now go to your favourite computer running a decent shell and copy two files to your working directory:
  
Line 21: Line 22:
   reboot   reboot
  
-where the dots ... have to be replaced by the output gained above.+where the dots ... have to be replaced by the output gained above((A simpler solution would be probably to use ''​nvram setfb64 //<​file>//​.tgz''​ - but I haven'​t tried this.)).
  
 ===== Using TomatoUSB as NATting router ===== ===== Using TomatoUSB as NATting router =====
docs/tips_n_tricks/tomato.html.1541552734.txt.gz · Last modified: 07.11.2018 01:05 UTC by peter