====== Background ======
* The UAM SSL key and certificate is located on the Access Points controlled by MESHdesk and APdesk.
* This certificate are used by CoovaChilli to encrypt the Ajax calls between your browser and CoovaChilli.
* It expired on 5November 2023.
* We updated the Git repository with a new version.
* These instructions should be used to patch any existing Access Points which use the certificate during the login process of CoovaChilli.
* The instructions will contain two parts.
- Host the new key and cert files on the server running RADIUSdesk
- Do remote command execution on the Access Points to patch them with the new key and cert files.
====== Host the new files ======
* Connect to the server running RADIUSdesk using SSH
* Check out the latest openwrt-meshdesk code
#Do this in a temporary workspace
mkdir temp_cert
cd temp_cert
git clone https://github.com/RADIUSdesk/openwrt-meshdesk.git openwrt-meshdesk
* Create a directory where Nginx can serve the new cert and key files from and copy them to that directory.
sudo mkdir -p /var/www/html/certs
sudo cp ./openwrt-meshdesk/MESHdesk/files/MESHdesk/captive_portals/cert.pem /var/www/html/certs
sudo cp ./openwrt-meshdesk/MESHdesk/files/MESHdesk/captive_portals/key.pem /var/www/html/certs
====== Remote command Execution (Patch) ======
{{:technical:uam_update.png?nolink|}}
* Select the Access Point you want to patch
* Click on the **Execute** button to execute a command.
* Select **Execute Command** from the radio button.
* Enter the following (while adapting it to your server setup)
* //This means you have to substitute cloud.radiusdesk.com with the FQDN of your RADIUSdesk server.//
cd /etc/MESHdesk/captive_portals/ ; rm key.pem ; rm cert.pem ; wget http://cloud.radiusdesk.com/certs/key.pem; wget http://cloud.radiusdesk.com/certs/cert.pem
* Sent the Access Point a reboot instruction to activate the new key and certificate.
* Test to see if the error is gone.