What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Adding own SSL certificate

O

original-birdman

Occasional Visitor
I'd like to upload my own SSL certificate (I have my own root CA for some local systems, and it's installed in my browser) so that I don't need to keep allowing exceptions every time the router-generated certificate changes.

However, there is no indication as to what format this needs to be in in order for the upload to work. (WAN -> DDNS tab, HTTPS/SSL Certificate, Import Your Own Certificate).

Does anyone know? Or where the files lives on the file-system after the upload (so I could just copy it there directly)?
 
Standard PEM.
 
OK. Found this in syslog, which may explain why it isn't working:

Jun 29 23:31:26 httpd: Can't get subject/authority key identifier. ([20:F8:7B:6]/[NULL])
Jun 29 23:31:26 httpd: Delete uploaded certificate
Jun 29 23:31:35 httpd: Can't get subject/authority key identifier. ([20:F8:7B:6]/[NULL])
Jun 29 23:31:35 httpd: Delete uploaded certificate
Click to expand...
Not sure what the problem is. Apache is happy with similar certificates (for different hostnames)
 
OK. Sorted it.

I needed to tick another box when generating the certificate (and then had to generate it again to add IP address fields as well as DNS names...).

Thanks...
 
Well, I suspect that depends on what you are using to generate them.

I'm using xca, and under the "Extensions" tab I had to select the "X509 Authority Key Identifier" option.
Given that the Validation tab when looking at a Certificate's details was pointing out that this was missing, I'm not sure how I'd missed it for several years.
 
I'm using .net. Several years ago, when Asus changed their certificate policy, I tried to make it work but failed miserably with the message, you also got. I ended giving up.
But your question and answer got me in the right direction. The key was indeed to implement "X509 Authority Key Identifier". Not easy at all, but now I got it working with my own CA, thanks for your help.
 
You must log in or register to reply here.

Similar threads

hartacus
Import own certificate from step-ca
Replies
1
Views
504
porktomatoes
P
N
HTTPS/SSL Certificate issue when using WWW.NAMECHEAP.COM in DDNS
Replies
4
Views
1K
naitkris
N
M
Importing own certificate broken on 3004.388.6 ?
Replies
10
Views
2K
iTheMask
I
XIYO
Question on Setting up Scheduler for Wildcard Certificates and DDNS in Asuswrt-Merlin
Replies
5
Views
2K
Jeffrey Young
J
T
How to add SSL cert?
Replies
0
Views
833
trevor68
T
Similar threads
Thread starter Title Forum Replies Date
R BE30000 Troubleshooting Wireless connection issues & system log SSL entries ASUS BE Routers & Adapters (Wi-Fi 7) 1

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 745 (members: 24, guests: 721)
Back
Top