Skip to main content

Ubiquiti EdgeRouter 6p - Install Let's Encrypt Wildcard Certificate via Command Line

201 words·
Router Ubiquiti Wildcard Certificate Lighttpd
Table of Contents

Prerequisites
#

Create a DNS entry for you EdgeRouter
#

If you use your router as DNS server, create a DNS entry for your router name:

  • Go to Wizards > DNS host names

  • Click Add New to create a new DNS entry

  • Click Apply to save the new DNS entry


Ubiquiti EdgeRouter 6p - Install Wildcard Certificate
#

Backup original Certificate
#

  • SSH into the router and backup the original certificate
# Create backup directory
sudo mkdir -p /root/orig-cert

# Create backup of server.pem
sudo cp /etc/lighttpd/server.pem /root/orig-cert/server.pem

Note: The key and certificate are combined into one server.pem file

Install Wildcard Certificate
#

  • Combine the privkey.pem and fullchain.pem into a server.pem file
# Linux
cat privkey.pem fullchain.pem > server.pem
# Powershell
Get-Content privkey.pem, fullchain.pem | Set-Content server.pem
  • Copy the server.pem file into the home directory of your EdgeRouter6p user

  • Change the ownership and permissions

# Set root ownership
sudo chown root:root server.pem

# Change permissions
sudo chmod 0400 server.pem
  • Replace original certificate
# Replace the original `server.pem` file
sudo cp server.pem /etc/lighttpd/

Restart Lighttpd Webserver
#

# Restart the Lighttpd webserver
sudo service lighttpd restart

Router Webinterface
#

# Open webinterface
router.jklug.work

The webinterface is now secure and uses TLS encryption.