How to run on OpenWrt - acmesh-official/acme.sh GitHub Wiki

See OpenWrt Wiki: Get a free HTTPS certificate from LetsEncrypt for OpenWrt with ACME.sh

Setup and run acme.sh on your OpenWrt router and have HTTPS secured management.

Step 1: Install packages

opkg install luci-ssl-openssl acme luci-app-acme

If you want to use DNS-based certificate verification, also install the DNS providers:

opkg install acme-acmesh-dnsapi

Step 2: Configure Web Server

Here we'll tell uhttpd redirect to HTTPS.

These commands use the OpenWrt uci command, a brilliant way to parse, get, set, and edit values and sections from config files. It makes scripting OpenWrt a breeze.

uci set uhttpd.main.redirect_https=1
uci commit uhttpd
/etc/init.d/uhttpd restart

Step 3: Configure acme.sh and get your certificate

On your router:

Navigate to Services -> ACME certs in LuCI and configure your certificate details. Make sure to select 'Use for uhttpd', and 'Enabled' for your configured certificate. If you prefer to use the command line, simply edit /etc/config/acme, and run /etc/init.d/acme start afterwards.

Step 4: Configure Firewall

Open or forward LuCI port for external access. (use Webinterface)