After seeing this post, I got things running in short order on 2 18.06.x systems. I needed to add the following packages:
acme
acme-dnsapi
luci-app-acme
wget
luci-app-uhttpd
libuhttpd-openssl
You'll need to go through the luci-app-acme and possible the luci-app-uhttpd dashbords to get everything working. I'll assume you have used an acme.sh script before on a Linux system and know how to use the opkg command. If not, I don't recommend even trying untill you're comfortable with these two prerequisites.
Thanks for the idea. I've been wanting to do this for some time and did not realize how easy it is!
how did you configure the uhttp / acme specifics, I've got 80->443 redirects working, acme cert seems to be generated and presented but it's still getting a warning in the browser as self-signed.
When I try to install libuhttpd-openssl I get:
* check_data_file_clashes: Package libustream-openssl wants to install file /lib/libustream-ssl.so
But that file is already provided by package * libustream-mbedtls20150806
* opkg_install_cmd: Cannot install package libuhttpd-openssl.
Anyone get this working using the luci-app-acme gui? Specifically using a wildcard cert? Letsencrypt says I need to use the dns mode challenge to get wildcard certs but acme.sh keeps trying to use the http type challenge, even though I'm providing my DNS api credentials. I made this issue: https://github.com/openwrt/packages/issues/11095. I'm kinda tearing my hair out over this.
If anyone sees this, check the github link, I solved the issue. I was just being dumb.
After seeing this post, I got things running in short order on 2 18.06.x systems. I needed to add the following packages:
acme
acme-dnsapi
luci-app-acme
wget
luci-app-uhttpd
libuhttpd-openssl
You'll need to go through the luci-app-acme and possible the luci-app-uhttpd dashbords to get everything working. I'll assume you have used an acme.sh script before on a Linux system and know how to use the opkg command. If not, I don't recommend even trying untill you're comfortable with these two prerequisites.
Thanks for the idea. I've been wanting to do this for some time and did not realize how easy it is!
how did you configure the uhttp / acme specifics, I've got 80->443 redirects working, acme cert seems to be generated and presented but it's still getting a warning in the browser as self-signed.
When I try to install libuhttpd-openssl I get:
* check_data_file_clashes: Package libustream-openssl wants to install file /lib/libustream-ssl.so But that file is already provided by package * libustream-mbedtls20150806 * opkg_install_cmd: Cannot install package libuhttpd-openssl.Any ideas how to proceed? Many thanks!
More replies
More replies
Both acme and acme-dns are also in OpenWrt packages.
Would you mind linking to a tutorial / documentation somewhere?
More replies
Anyone get this working using the luci-app-acme gui? Specifically using a wildcard cert? Letsencrypt says I need to use the dns mode challenge to get wildcard certs but acme.sh keeps trying to use the http type challenge, even though I'm providing my DNS api credentials. I made this issue: https://github.com/openwrt/packages/issues/11095. I'm kinda tearing my hair out over this.
If anyone sees this, check the github link, I solved the issue. I was just being dumb.
More replies