1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Use my own SSL certificate...

Discussion in 'Tomato Firmware' started by AtTheAsylum, Oct 15, 2007.

  1. AtTheAsylum

    AtTheAsylum LI Guru Member

    Hi all,

    A question more out of curiosity than anything else - can I use my own SSL certificate (and server key) with Tomato rather than the one it generates? Perhaps copying from a CIFS mounted file system using a script when the router boots? BTW - I checked the FAQ's and searched but couldn't find an answer :)
     
  2. AtTheAsylum

    AtTheAsylum LI Guru Member

    I did a bit of digging round on the router and found the following:

    In /etc:
    cert.pem - SSL certificate generated by Tomato.
    key.pem - host key file.

    I tried replacing (after backing up) these two files with my own that I had generated -eg:

    $ cp /cifs1/cert.pem /etc/cert.pem
    $ cp /cifs1/key.pem /etc/key.pem

    Then I needed to restart the web server. Had a look round again but couldn't see anything obvious so did the following:

    $ killall httpd
    $ cd /www
    $ httpd -s
    $ httpd

    This didn't work however :( The web server restarted ok but it seems that in doing so it replaced my new versions of the certificate and key file with the defaults (ie: Tomato generated).

    So, now I need to know a) how do I cleanly restart the web server? and b) how do I stop it from clobbering my certificate and keys files when I do?

    Any ideas?
     

Share This Page