Glinet ax6000 flint 2 openwrt 443/SSL Cert Brave on Linux

Just received a Flint 2. How to I prevent my browser (Brave on Linux) from complaining about non-secure connection? Is there a certificate I can download or install for my browser or my workstation that will allow a 443/SSL connection?

This video and the one that follows it is a good start - https://youtu.be/kAaIYRJoJkc

Will do, thanks.

Does it complain about a non secure connection, or a bad cert, apples and bananas....

2 Likes

Please help with
ubus call system board

1 Like

Looks like it can't establish a secure/443 connection to the web console and simply says the connection is "Not Secure".

OpenWrt creates a self-signed certificate on first boot or reset to defaults. Obviously due to this, the OpenWrt's cert is not signed by any Global Certificate Authority that has its cert installed in your browser. If you want a recognized cert, there are threads where users install Acme and obtain a certificate.

You can also accept and save this certificate on your browser.

Please be advised, you'll need a domain name (DDNS name will due) for this to work.

Good stuff. Getting through the second video, I pushed up my generated and exported certificate and key files with scp to /etc/ (uhttpd.crt and uhttpd.key) then restarted the uhttpd service. But when I refresh the Gl.iNet page or the OpenWRT Luci page, it's still has the old/original certs. Didn't update.

Are you running official OpenWrt?

And are you saying that you're having an issue browsing to all HTTPS sites on the Internet?

1 Like

No issues with the function of the router. I'm just trying to push my own cert to the router using the method linked in the video above so I don't get the annoying "site not secure" when trying to connect to :443/https

{
	"kernel": "5.4.238",
	"hostname": "GL-MT6000",
	"system": "ARMv8 Processor rev 4",
	"model": "GL.iNet GL-MT6000",
	"board_name": "glinet,gl-mt6000",
	"release": {
		"distribution": "OpenWrt",
		"version": "21.02-SNAPSHOT",
		"revision": "r15812+1075-46b6ee7ffc",
		"target": "mediatek/mt7986",
		"description": "OpenWrt 21.02-SNAPSHOT r15812+1075-46b6ee7ffc"
	}
}
1 Like

It appears you are using firmware that is not from the official OpenWrt project.

When using forks/offshoots/vendor-specific builds that are "based on OpenWrt", there may be many differences compared to the official versions (hosted by OpenWrt.org). Some of these customizations may fundamentally change the way that OpenWrt works. You might need help from people with specific/specialized knowledge about the firmware you are using, so it is possible that advice you get here may not be useful.

You may find that the best options are:

  1. Install an official version of OpenWrt, if your device is supported (see https://firmware-selector.openwrt.org).
  2. Ask for help from the maintainer(s) or user community of the specific firmware that you are using.
  3. Provide the source code for the firmware so that users on this forum can understand how your firmware works (OpenWrt forum users are volunteers, so somebody might look at the code if they have time and are interested in your issue).

If you believe that this specific issue is common to generic/official OpenWrt and/or the maintainers of your build have indicated as such, please feel free to clarify.

1 Like

Appreciate that. I bought this router because it ran OpenWrt, not fully aware hardware vendors could make their own "distros" of it similar to Linux distros. All good, I'm very happy with the device so far. It was recommended here on the forum.

You can install official OpenWrt if you desire. :wink:

Firmware: https://downloads.openwrt.org/releases/23.05.5/targets/mediatek/filogic/openwrt-23.05.5-mediatek-filogic-glinet_gl-mt6000-squashfs-sysupgrade.bin

Wiki: https://openwrt.org/toh/gl.inet/gl-mt6000#installation

3 Likes

Ah sorry, as others have highlighted I thought you were running vanilla openwrt. It may be GL.inet software makes that stuff more complicated. Just my view but I find the vanilla openwrt works really well for me, and I'm not too tech savvy compared to some others on here. Hope you work it all out in the end :+1:

2 Likes

Thanks for the feedback. I'm planning to flash openwrt on it soon, just trying to find the time with the least disruption to the household :smiley:

2 Likes