[SOLVED] Own SSL certificate for admin/LUCI web

Hello,

where to load ssl certificate, which I have for my domain, to have https administration luci pages with my ssl?

Thanks.

pavel

The default self-signed certificate is in file /etc/lighttpd-self-signed.pem, bundled together with private key – that is how lighttpd expects it.

Fell free to put your certificate wherever, then update the configuration file /etc/lighttpd/conf.d/ssl-enable.conf. Don’t forget to add the chain certificate as well, into the lighttpd option ssl.ca-file, otherwise your certificate could not be recognised as valid.

See this example config for Let’s Encrypt.

3 Likes

Works, thanks.

Pavel

For my CAcert certificate, what I did, was to generate the CSR on a Debian LXC container:

% openssl req  -new -nodes -newkey rsa:2048 -keyout server.key -out server.csr -days 1000

Then, I paste the server.csr file in the CAcert Web form, and I download the server.crt file signed by CAcert. I then concatenate the private key and the signed certificate:

% cat server.key server.crt > server.pem

Then I copy server.pem to the Turris, change the lighttpd config as indicated and everything works.