Hello, everyone.
I'm using a HTTPS reverse proxy within my LAN, with certificates signed with my private root CA. Since they are self-signed, most applications will abort the connection unless I add my root CA to the system-wide CA certificate repository.
I've done it successfully in my Debian and Arch systems, but I can't seem to get it to work in OpenWRT. I'm following this guide and everything works as expected. However, the system still considers my certificates untrusted (curl aborts, openssl returns Verify return code: 21 (unable to verify the first certificate). Looking inside /etc/ssl/certs, it seems that the CA certificates are all part of a single ca-certificates.crt file. Perhaps the process has changed?
Running OpenWrt 22.03.5 r20134-5f15225c1e. Thanks for any help.