Using HTTPS with opkg - Entware/Entware GitHub Wiki
Introduction
If you prefer a secure connection between the Entware repo and your device(s), you can switch from HTTP to HTTPS.
Installation
The opkg
package manager uses wget
to fetch packages, so you need a version of wget
with HTTPS support:
opkg install wget-ssl ca-certificates
Open /opt/etc/opkg.conf
with your favorite text editor and replace http://bin.entware.net/…
with https://bin.entware.net/…
.
Using opkg
The system PATH variable may need to be reordered because, for many systems, the paths to Entware binaries may be at the end of the PATH variable. Because opkg
calls wget
, the shell might use the system's wget
instead of Entware's wget
(wget
returned 1, not a HTTP or FTP URI).
If your device uses a read-only filesystem, making permanent changes to the PATH
impossible, the current shell PATH
value must be modified for every session. You can store the modified PATH
variable somewhere and then import it whenever you want, for example:
Take a look at your current shell paths
# $PATH
-sh: /bin:/usr/bin:/sbin:/usr/sbin:/jffs/sbin:/jffs/bin:/jffs/usr/sbin:/jffs/usr/bin:/opt/sbin:/opt/bin:/opt/usr/sbin:/opt/usr/bin
Reorder them and form the "export PATH=" line, and use echo to write that to a file, like /opt/PATH
# echo export PATH=/opt/sbin:/opt/bin:/opt/usr/sbin:/opt/usr/bin:/bin:/usr/bin:/sbin:/usr/sbin:/jffs/sbin:/jffs/bin:/jffs/usr/sbin:/jffs/usr/bin: > /opt/PATH
Whenever you need the shell to prioritize Entware, you can quickly change it
# source /opt/PATH
To bring it back to normal, start a new shell or restart the current one
Now opkg
should secure connection to repo:
# opkg update
Downloading https://bin.entware.net/mipselsf-k3.4/Packages.gz
Updated list of available packages in /opt/var/opkg-lists/entware
Links
- HTTPS wiki page - https://en.wikipedia.org/wiki/HTTPS
- Basic opkg usage - https://github.com/Entware/Entware/wiki#using-repo