Comments (4)
Thanks a lot for your detailed analysis, @hafx 😃
I followed your suggestion and created a PR to check the key type:
from fritzbox_upload_certificate.
Hi,
honestly, I don't know... 😇
I doubt the issue is related to the username/password you provided. The script would bail out earlier then. You can test this by giving a wrong username/password on purpose.
Unfortunately, I can't really debug this on my own. So, I would suggest you perform the two steps
- login
- upload a certificate
in your environment with a browser's development tools to see the exact requests and responses on success. Chrome is easier to use here since you have to interrupt a redirect which is not possible with Firefox.
The format of the certificate bundle which can be uploaded to the Fritzbox can be found here:
Best regards
from fritzbox_upload_certificate.
Hi,
honestly, I don't know... 😇
I doubt the issue is related to the username/password you provided. The script would bail out earlier then. You can test this by giving a wrong username/password on purpose.
Unfortunately, I can't really debug this on my own. So, I would suggest you perform the two steps
- login
- upload a certificate
in your environment with a browser's development tools to see the exact requests and responses on success. Chrome is easier to use here since you have to interrupt a redirect which is not possible with Firefox.
The format of the certificate bundle which can be uploaded to the Fritzbox can be found here:
Best regards
Hi,
Thank you for your answer.
- For the login I tried with a wrong password. The result is :
root # ./fritzbox_upload_certificate.sh
Login failed.
- I added in the script this to write the output of the command in a file to upload it from the UI. Here the result :
cat "${certpath}/fullchain.pem" "${certpath}/privkey.pem" | grep -v '^$' > mycert.pem
The result is exactly the same as the script.
</head>
<body>
<div id="main_page_all">
<header class="" name="" id="blueBarBox">
<div class="logoBox" name="" id=""></div>
<div class="blue_bar_titel" name="" id="blueBarTitel">FRITZ!Box</div>
<div class="logoBox fake" name="" id=""></div>
</header>
<div id="page_content_no_menu_box">
<div class="blue_bar_back">
<h2>FRITZ!Box</h2>
</div>
<div id="page_content" class="page_content">
<form method="POST" name="mainform" action="/index.lua">
<p>
The password entry is not valid. Please enter the correct password.
<br>
</p>
</form>
</div>
<script type="module">
import postUpload from "/js/post_upload.js";
postUpload.redirect();
</script>
<div class="clear_float"></div>
</div>
</div>
</div>
</body>
</html>
mycert.pem
-----BEGIN CERTIFICATE-----
blabla
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
blabla
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
blabla
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
blabla privkey
-----END PRIVATE KEY-----
Something strange is the header in the certificate. Which header is expected ?
RSA Private Key:
Header: "-----BEGIN RSA PRIVATE KEY-----"
DSA Private Key:
Header: "-----BEGIN DSA PRIVATE KEY-----"
ECDSA Private Key:
Header: "-----BEGIN EC PRIVATE KEY-----"
PKCS#8 Encrypted Private Key:
Header: "-----BEGIN ENCRYPTED PRIVATE KEY-----"
PKCS#8 Unencrypted Private Key:
Header: "-----BEGIN PRIVATE KEY-----"
https://en.avm.de/service/knowledge-base/dok/FRITZ-Box-5490/1525_Importing-your-own-certificate-to-the-FRITZ-Box/
RSA seems to be expected.
I'm currently using this header :
-----BEGIN PRIVATE KEY-----
-----END PRIVATE KEY-----
I used certbot
to generate my certificate.
If I use this command to remove my no existing password with openssl :
openssl rsa -in privkey.pem -out privatekey-nopass.pem
Not an RSA key
According to this post https://community.letsencrypt.org/t/getting-a-rsa-privkey-from-the-letsencrypt-generated-pem/188797/7
I think I'm using an EC key and not RSA because I'm using certbot >2.0
I'll try to generate an RSA key with certbot.
Thanks
from fritzbox_upload_certificate.
I regenerated my certificate with certbot using the flag --key-type rsa
and it worked.
<div id="page_content" class="page_content">
<form method="POST" name="mainform" action="/index.lua">
<p>
Import of the SSL certificate was successful.
<br>
</p>
Now I can confirm your script works with the 7490 FRITZ!OS 7.57.
Maybe a nice feature in the script can be the check of the RSA. (but yeah I know it's my fault, I didn't read completely the doc 😄 https://en.avm.de/service/knowledge-base/dok/FRITZ-Box-7490/1525_Importing-your-own-certificate-to-the-FRITZ-Box/)
Thanks for your work and your help.
from fritzbox_upload_certificate.
Related Issues (4)
- Certificate Upload Error HOT 2
- Too strict privkey check??? HOT 4
- does not work with 7.57 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fritzbox_upload_certificate.