−Table of Contents
Background
- The UAM SSL key and certificate is located on the Access Points controlled by MESHdesk and APdesk.
- This certificate are used by CoovaChilli to encrypt the Ajax calls between your browser and CoovaChilli.
- It expired on 5November 2023.
- We updated the Git repository with a new version.
- These instructions should be used to patch any existing Access Points which use the certificate during the login process of CoovaChilli.
- The instructions will contain two parts.
- Host the new key and cert files on the server running RADIUSdesk
- Do remote command execution on the Access Points to patch them with the new key and cert files.
Host the new files
- Connect to the server running RADIUSdesk using SSH
- Check out the latest openwrt-meshdesk code
#Do this in a temporary workspace mkdir temp_cert cd temp_cert git clone https://github.com/RADIUSdesk/openwrt-meshdesk.git openwrt-meshdesk
- Create a directory where Nginx can serve the new cert and key files from and copy them to that directory.
sudo mkdir -p /var/www/html/certs sudo cp ./openwrt-meshdesk/MESHdesk/files/MESHdesk/captive_portals/cert.pem /var/www/html/certs sudo cp ./openwrt-meshdesk/MESHdesk/files/MESHdesk/captive_portals/key.pem /var/www/html/certs
Remote command Execution (Patch)
- Select the Access Point you want to patch
- Click on the Execute button to execute a command.
- Select Execute Command from the radio button.
- Enter the following (while adapting it to your server setup)
- This means you have to substitute cloud.radiusdesk.com with the FQDN of your RADIUSdesk server.
cd /etc/MESHdesk/captive_portals/ ; rm key.pem ; rm cert.pem ; wget http://cloud.radiusdesk.com/certs/key.pem; wget http://cloud.radiusdesk.com/certs/cert.pem
- Sent the Access Point a reboot instruction to activate the new key and certificate.
- Test to see if the error is gone.