SSL-certificate installation

When working with the device via HTTPS device generates a self-signed certificate. Installation of user certificate is available.
It should be noted that the performance of the device web interface  is reduced due to the length of the key.

Certificate installation

Creating a self-signed certificate with OpenSSL

Self-signed certificates can be generated with a script:

#!/bin/sh 
 
CERT_PATH="." 
CERT_NAME=${CERT_PATH}/"custom" 
CERT_SUBJ="/C=SK/ST=Bratislava/L=Bratislava/O=Vutlan s.r.o./OU=IT Department/CN=vutlan.com" 
 
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout "${CERT_NAME}.key" -out "${CERT_NAME}.pem" -subj "${CERT_SUBJ}"

Then install files custom.pem and custom.key under the certificate  installation procedure.

You can install your certificate on the Preferences -> Network page. You must enable HTTPS and upload the key and certificate files.
After clicking the Save button, the settings will be saved and the system will automatically restart with new settings.


If the certificate files with an error and cannot be used by the system, then the system will use safe settings: port 80, HTTPS is disabled. The log will be a corresponding error message. 


Certificate installation for versions  2.5

Creating self-signed certificates by OpenSSL

Self-signed certificates can be generated by:

openssl req -x509 -nodes -days 365 -newkey cert.key -out cert.crt

Then combine with text editor both files cert.key and cert.crt in next steps: in the beginning content of cert.key, then the content of cert.crt. Save file like custom.pem, copy it to the USB-flash, and put USB stick to the device USB port.

To install your own certificate file copy it to the USB-flash, rename the file to custom.pem, and put USB-flash to device USB port.

After the completion of the exchange (the LED on the USB flash drive and flash off), remove the USB flash and open the web interface over HTTPS.