Hello,
where to load ssl certificate, which I have for my domain, to have https administration luci pages with my ssl?
Thanks.
pavel
The default self-signed certificate is in file /etc/lighttpd-self-signed.pem, bundled together with private key – that is how lighttpd expects it.
Fell free to put your certificate wherever, then update the configuration file /etc/lighttpd/conf.d/ssl-enable.conf. Don’t forget to add the chain certificate as well, into the lighttpd option ssl.ca-file, otherwise your certificate could not be recognised as valid.
3 Likes
Works, thanks.
Pavel
For my CAcert certificate, what I did, was to generate the CSR on a Debian LXC container:
% openssl req -new -nodes -newkey rsa:2048 -keyout server.key -out server.csr -days 1000
Then, I paste the server.csr file in the CAcert Web form, and I download the server.crt file signed by CAcert. I then concatenate the private key and the signed certificate:
% cat server.key server.crt > server.pem
Then I copy server.pem to the Turris, change the lighttpd config as indicated and everything works.