Acme.sh and https in private Network and Public ip

Hi all,

i installed the acme.sh like in this guide https://github.com/Neilpang/acme.sh/wiki/How-to-run-on-OpenWRT

My problem is that when i go on the router sity in my network, Firefox says he can't trust the certificate, also when i go over www. i have the same problem.

Any of you have had the same problem and could me help to make the https bar in the adress green? Also it could be that i did it wrong because i understand a bit of them what I'm doing and i like to verify it but i didnt could find anything.

PS: Sry for my english

BR
Blva

See:

I'd also advise you not to run untrusted scripts to setup your router.

Let's Encrypt certificates can be issued in many ways. You will, for all of them, need to be able to adjust your public DNS for the name(s) in which you want to issue the certificate.

Let's Encrypt is, in my opinion, most valuable for public-facing services.

For internal-only services, there are at least two reasonable alternatives:

  • Know that the device you're connecting to has a self-signed certificate and trust that there isn't a rogue server on that IP:port or that your internal DNS has been compromised (won't make it "green")
  • Create your own CA and
    • Issue your own, internal certificates
    • Install your CA's trust certificate on the machine or two that you use to access those resources (will make it "green")
1 Like

Thank you @lleachii,

i read all the topic of you. Now i will move away from the https idea to ssh, because as i understand OpenWRT is easy to bruteforce and not concepted to be reachable from the Internet.

The reason why I'm searching for it is that i have a NAS and i wanna backup pictures from holiday or better to say when I'm in holiday , then i wanna backup my pictures.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.