Menu
What's new
By:
Filters Better Search

Recent content by ags

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. A

    Security of reverse proxy (vs other options)?

    I have several LAN devices that I want access to from LAN and WAN. I am running a NAS that supports reverse proxy and am considering using it to allow human-readable naming (and access) to the LAN endpoints. I've researched but unsurprisingly there does not seem to be consensus about security of...
  2. A

    AC88U operable but web interface no longer accessible

    I have still not solved my problem. I did determine that a corrupted cert was causing httpd to fail, restart, fail... etc. I was able to ssh and replace the certificate with a valid one. However, the root/intermediate certificates are expired, and I've found no way to replace them. Asus support...
  3. A

    AC88U operable but web interface no longer accessible

    What would you recommend as a not-garbage router?
  4. A

    AC88U operable but web interface no longer accessible

    Is it just me? That looks like you just disabled http, https, and saving certificates. I guess if it works for you...
  5. A

    RT-AC88U how to repair bad certs preventing web server from running - using command line

    I updated to the latest firmware, thinking if there were updated certs they'd be included. I would use the web interface for uploading certs, but that seems to not work properly (particularly since I have a non-public (private) WAN address, my ISP blocks port 80, and I don't use DDNS). I am...
  6. A

    RT-AC88U how to repair bad certs preventing web server from running - using command line

    I updated to the latest firmware (3.0.0.4.386_45987) and it did not include updated root certs. My cert is valid but the intermediate (R3) and root (DST Root CA X3) are expired. My cert is from R3 but on my NAS I was able to update the "chain" with a new R3 cert issued by ISRG Root X1. I've read...
  7. A

    RT-AC88U where to install replacements for expired intermediate/root certificates - using command line

    A separate post revealed (thanks to RMerlin for the response) that certificates can be manually (e.g. ssh command line) installed in /jffs/.cert directory. I now have a functioning web interface. However, it is still not trusted, since the root and intermediate certificates are expired. I've...
  8. A

    RT-AC88U how to repair bad certs preventing web server from running - using command line

    Exactly - I was offering that what you said explained why I saw httpd instead of lighttpd in the logs... Now I have a new problem - the root and intermediate certs are expired. Can I just concatenate them into the single file (/jffs/.cert/cert.pem) or do I need to install that somewhere else...
  9. A

    RT-AC88U how to repair bad certs preventing web server from running - using command line

    Thanks RMerlin!! That was the ticket. I replaced the cert.key and the server restarted and I'm up again. I think I may just use this method to update the certs. When I last tried using the web/UI, I had problems (and ultimately corrupted them and crashed the server). I don't use DDNS, but I...
  10. A

    RT-AC88U how to repair bad certs preventing web server from running - using command line

    I used the same type certs from Let's Encrypt as worked before for me (I have to upload them manually since my ISP blocks port 80 and the automatic system doesn't work). Do you know where those certs are located on the router file system so can delete them? I am hoping that would allow me to...
  11. A

    RT-AC88U how to repair bad certs preventing web server from running - using command line

    I posted separately about not being able to access the router web interface after I had updated the certificates. Further research provided some clues. It looks like the certificates are bad, and the server daemon tries to start periodically but crashes due to the bad certs. Seems like the next...
  12. A

    AC88U operable but web interface no longer accessible

    Aha! - I found something in syslog: This makes sense as it appears something is wrong the the key/cert I tried to update, or the code that reads and installs it. This was the last operation I performed using the web interface before it became non-functional. Any ideas on how to remove the...
  13. A

    AC88U operable but web interface no longer accessible

    I did not make changes to the LAN port settings. IIRC, the http (not secure) LAN port 80 access was removed in an update some time ago, with only https supported, and it was defaulted to 8443 as you say (I've tried 80, 443 and 8443 with the same results - no response from server) Also, netstat...
  14. A

    AC88U operable but web interface no longer accessible

    From Chrome browser: Also, using ssh and ps, I don't see any process running that I can identify as a web server. I thought maybe nginx was being used. Anyone know what process is the server (and possibly how to restart properly from ssh, if reboot does not restart it?)
  15. A

    AC88U operable but web interface no longer accessible

    1) the router responds to ping requests 2) cleared the cache (Chrome) 3) tried Safari and Firefox 4) tried another computer, on and off my LAN 5) rebooted the router several times (it was a reboot after uploading a new certificate that seems to have caused the problem) 6) I know I may have to do...
See more
Top