Using LuCi to Upload of SSL Certificate and Key Files Fails with ACL Error

The reported error is: "Upload request failed: Access to path denied by ACL"

To reproduce:
I had already created the certificate and key files using my OpnSense server.

  1. Select System >> Software
  2. Enter "openssl-util" into the field "Download and install package" and the OK.
  3. Replete with "luci-app-uhttpd".
  4. Select Services >> uHTTPd
  5. Pressed Select file for "HTTPS Certificate (DER Encoded)".
  6. Navigate to /etc/ssl/certs
  7. Press "Upload file" and select the certificate file (.crt) to be uploaded. Press "Upload file" again.
  8. Pop-up reports: "Upload request failed: Access to path denied by ACL"

The same issue arises if the key file upload is attempted.

Try using /etc/luci-uploads/ as destination directory.

1 Like

Probably helps if I include the build details:
The device is a Meraki MR18.
Firmware version: OpenWrt 19.07.3 r11063-85e04e9f46 / LuCI openwrt-19.07 branch git-20.136.49537-fb2f363
Nothing reported in either the Kernel or System log files.

Hi jow, Thanks but that also fails. However I did find a previous certificte and key a that location so I guessed that was the intended location all along and not as the documentation states.

I had to move the uploaded cert and key to default cert and key files and give read access for group and others.

That worked, but is it all right to assign the certificate path to that directory, or should I copy the uploaded certificates to /etc/ssl?

Anyway, this UI seems stupid. Why can't the UI just allow users to upload certificates without knowing the details of destination, and just intelligently upload it to its temp directory and then move to proper locations and use them transparently?

Also, why does selecting a directory in the directory browser scrolls the page to the top so that I have to scroll do each time I select a directory?

1 Like