Hi to all,
I have an RT-AX88U router running the latest Merlin Firmware (384.13) with DDNS configured to my host (host.<myhostname>.com) which has been in use for many months. Earlier in the year I also configured the Web GUI for secure access using my hostname and in the process successfully created a Webui SSL Certificate using 'Letsencrypt' to facilitate this access.
Recently, I had cause to access the router using the shortcut to the secure Web GUI access which reported on Edge that the "site is not secure" this also occurred on Internet Explorer. Closer inspection identified that the Letsencrypt certificate had expired and had not automatically renewed. I also noted that 'Status' reported as 'OK' and not 'Active' as shown at the time created.
The Firmware was updated shortly after its release and so I don't know if the problem pre-existed this update or whether it has occurred as a result of it. The expired date (2019/7/13) is not helpful in identifying the precise failure point as it had renewed prior to this whist reporting as 'Active', if I recall correctly.
In troubleshooting I have rebooted the router and disabled both the certificate and DDNS Client (before rebooting once more) and then re-establishing both, but the expired certificate persists. I have also (following lengthy trawls through these forums) SSH'd the router and using WinSCP sought (without success) to execute the /sbin/le_acme command line as suggested on a number of posts here as a 'manual' renewal solution.
The other solution suggested is to complete a 'Factory Reset' but before undertaking such a major time consuming 'fail safe' measure I am keen to explore other steps I might follow to either remove this (failed) certificate and thus start over or else, alternatively, to restart the renewal process (including any clarification of using the 'le_acme' approach in case I have not done so correctly) such that the server certificate status be set 'Active' once more and to renew automatically as intended and reported previously.
Accordingly, I would be most grateful for any advice/steps I might follow to ensure I have not missed anything obvious!
Many thanks in advance,
PC Pilot
I have an RT-AX88U router running the latest Merlin Firmware (384.13) with DDNS configured to my host (host.<myhostname>.com) which has been in use for many months. Earlier in the year I also configured the Web GUI for secure access using my hostname and in the process successfully created a Webui SSL Certificate using 'Letsencrypt' to facilitate this access.
Recently, I had cause to access the router using the shortcut to the secure Web GUI access which reported on Edge that the "site is not secure" this also occurred on Internet Explorer. Closer inspection identified that the Letsencrypt certificate had expired and had not automatically renewed. I also noted that 'Status' reported as 'OK' and not 'Active' as shown at the time created.
The Firmware was updated shortly after its release and so I don't know if the problem pre-existed this update or whether it has occurred as a result of it. The expired date (2019/7/13) is not helpful in identifying the precise failure point as it had renewed prior to this whist reporting as 'Active', if I recall correctly.
In troubleshooting I have rebooted the router and disabled both the certificate and DDNS Client (before rebooting once more) and then re-establishing both, but the expired certificate persists. I have also (following lengthy trawls through these forums) SSH'd the router and using WinSCP sought (without success) to execute the /sbin/le_acme command line as suggested on a number of posts here as a 'manual' renewal solution.
The other solution suggested is to complete a 'Factory Reset' but before undertaking such a major time consuming 'fail safe' measure I am keen to explore other steps I might follow to either remove this (failed) certificate and thus start over or else, alternatively, to restart the renewal process (including any clarification of using the 'le_acme' approach in case I have not done so correctly) such that the server certificate status be set 'Active' once more and to renew automatically as intended and reported previously.
Accordingly, I would be most grateful for any advice/steps I might follow to ensure I have not missed anything obvious!
Many thanks in advance,
PC Pilot