Custom SSL Certificate not working on OC200
Hey there!
I requested a trusted SSL certificate from a Certificate Authority and went to the controller to upload both the certificate and key (both in PEM files).
No errors whatsoever. However, after rebooting, the certificate has not changed. I first tried and emptied the cache of my browsers.
And then I came to notice that in my case it had nothing to do with any browser cache, since I also tried to retrieve the certificate details through openssl:
❯ openssl s_client -connect 192.168.81.1:443 | openssl x509 -noout -subject
Warning: Reading certificate from stdin since no -in or -new option is given
Connecting to 192.168.81.1
Can't use SSL_get_servername
depth=0 C=CN, ST=ShenZhen, L=ShenZhen, CN=TP-Link
verify error:num=66:EE certificate key too weak
verify return:1
depth=0 C=CN, ST=ShenZhen, L=ShenZhen, CN=TP-Link
verify error:num=66:EE certificate key too weak
verify return:1
depth=0 C=CN, ST=ShenZhen, L=ShenZhen, CN=TP-Link
verify return:1
subject=C=CN, ST=ShenZhen, L=ShenZhen, CN=TP-Link
I get the same output when I try the openssl on the public domain name.
Here is a partial screenshot of the certificates that show up in the GUI (before and) after the reboot.
There are no log messages that I can find. Using the same SSL cert + key on a dummy Nginx webserver works like a charm.
Am I doing something wrong?