Installing your SSL certificates on the D-Link DNS-320L file storage
I bought at one time (even before crisis prices) the D-Link 320L file storage, already for 2,990 rubles (looking at today's prices I just want to cry). And recently, I wanted to configure normal WebDAV on it, but with access from outside.
I forwarded port 443 through the router to the file storage, created a new ball, and set WebDAV settings. I’m trying to connect - with the help of FAR plugins everything is ok, but through Widnows connection as a network drive does not work - I swear at certificates. He doesn’t want to, but there is no desire to put third-party stray.
Solved: we get a free SSL certificate (in my opinion on StartSSL I received it for my domain). I downloaded the files, the private key, with a contented face climbed into the admin panel, so I’ll fill in the certificates - but no! There is no such opportunity! It was decided to start picking.
The steps are as follows:
1) Fill the firmware from the official website with Addons support (today it is 1.08b08)
2) Install Addons from the website: OpenSSH, MC, vtCron
3) Find where the certificates are and replace them.
Having connected via SSH and running “ps ax”, I saw that lighttpd is responsible for the web, dig a config, and it says that the certificates (both the public and private keys) are in the same file /etc/certificate_https_all.pem. I deleted the old file, saved the new one (the order is as follows: the first is the public key, the second is the private key), restarted lighttpd. Everything is fine - the certificates picked up, but after the reboot everything disappeared - in / etc everything is saved only until the reboot. Then all over again. In this regard, it was decided to save the file with certificates on the hard disk (in my case, to /mnt/HD_a4/script/cert.pem) and write a script that performs the file substitution with the certificate and restarts the web server.
As a semaphore, whether the script was already executed during this reboot or not, it was decided to use the / etc / sslupdate file. At startup, the script checks if the semaphore exists? If it exists, the script ends its work. If there is no semaphore, then the script performs the following actions:
In order for the script to run, go through the web-face to the vtCron control and register the script to run there once every five minutes (* / 5 * * * *). We
reboot the repository, everything works.
I forwarded port 443 through the router to the file storage, created a new ball, and set WebDAV settings. I’m trying to connect - with the help of FAR plugins everything is ok, but through Widnows connection as a network drive does not work - I swear at certificates. He doesn’t want to, but there is no desire to put third-party stray.
Solved: we get a free SSL certificate (in my opinion on StartSSL I received it for my domain). I downloaded the files, the private key, with a contented face climbed into the admin panel, so I’ll fill in the certificates - but no! There is no such opportunity! It was decided to start picking.
The steps are as follows:
1) Fill the firmware from the official website with Addons support (today it is 1.08b08)
2) Install Addons from the website: OpenSSH, MC, vtCron
3) Find where the certificates are and replace them.
Having connected via SSH and running “ps ax”, I saw that lighttpd is responsible for the web, dig a config, and it says that the certificates (both the public and private keys) are in the same file /etc/certificate_https_all.pem. I deleted the old file, saved the new one (the order is as follows: the first is the public key, the second is the private key), restarted lighttpd. Everything is fine - the certificates picked up, but after the reboot everything disappeared - in / etc everything is saved only until the reboot. Then all over again. In this regard, it was decided to save the file with certificates on the hard disk (in my case, to /mnt/HD_a4/script/cert.pem) and write a script that performs the file substitution with the certificate and restarts the web server.
#!/bin/sh
if [ ! -e /etc/sslupdate ]; then
touch /etc/sslupdate
cp /mnt/HD_a4/script/cert.pem /etc/certificate_https_all.pem
ps ax | grep lightt | grep -v grep | awk '{ system ("kill " $1) }'
/usr/sbin/lighttpd-angel -D -m /usr/lighty_lib -f /etc/lighttpd/lighttpd.conf &
fiAs a semaphore, whether the script was already executed during this reboot or not, it was decided to use the / etc / sslupdate file. At startup, the script checks if the semaphore exists? If it exists, the script ends its work. If there is no semaphore, then the script performs the following actions:
- Creates a semaphore that it is executed;
- Copy the certificate from the hard drive to the / etc folder;
- Kills processes associated with lighttpd;
- Starts lighttpd.
In order for the script to run, go through the web-face to the vtCron control and register the script to run there once every five minutes (* / 5 * * * *). We
reboot the repository, everything works.