Let's Encrypt SSL Certificates for DD-WRT  

Note to self on setting up Let’s Encrypt SSL certificates for DD-WRT.

Prerequisites: a router with DD-WRT with a USB port (to mount external USB drive via jffs), an external USB drive, and a domain to assign to your router. My notes on the router setup are here.

  • Create or renew the necessary certificate.
  • openssl rsa -in privkey.pem -out key.pem
  • scp *.pem root@router:/jffs/etc/
  • Router settings > Administration > Web Access > Protocol > HTTPS (check this box)
  • Router settings > Administration > Remote Access > Use HTTPS (check this box), and set Web GUI Port to 443
  • Save, Apply Settings, and Reboot Router (for good measure).
  • Copy to /jffs/etc/ and run this script, following instructions from this gist

Effectively, this mount-binds the corresponding cert.pem, and key.pem into /etc/*.pem followed by servicestart httpd.

Worked like a charm!

References