Add option client_auth=path_to_ca_cert_file to the uhttpd config file. Only client certificates issued by a specified CA can be used for client authentication.
Signed-off-by: Luka Logar <[email protected]>
---
 package/network/services/uhttpd/files/uhttpd.config | 3 +++
 package/network/services/uhttpd/files/uhttpd.init | 1 +
 2 files changed, 4 insertions(+)
diff --git a/package/network/services/uhttpd/files/uhttpd.config b/package/network/services/uhttpd/files/uhttpd.config
index 40ce67fd01..e95fa49517 100644
--- a/package/network/services/uhttpd/files/uhttpd.config
+++ b/package/network/services/uhttpd/files/uhttpd.config
@@ -111,6 +111,9 @@ config uhttpd main
 # resources.
 # list httpauth prefix_user
+ # Enable if you want to use TLS client certificate
+ # authentication.
+ # option client_auth /etc/ssl/certs/client_ca.crt
 # Defaults for automatic certificate and key generation
 config cert defaults
diff --git a/package/network/services/uhttpd/files/uhttpd.init b/package/network/services/uhttpd/files/uhttpd.init
index 869f79bea2..a6e96f3cda 100755
--- a/package/network/services/uhttpd/files/uhttpd.init
+++ b/package/network/services/uhttpd/files/uhttpd.init
@@ -148,6 +148,7 @@ start_instance()
 append_arg "$cfg" error_page "-E"
 append_arg "$cfg" max_requests "-n" 3
 append_arg "$cfg" max_connections "-N"
+ append_arg "$cfg" client_auth "-b"
 append_bool "$cfg" no_ubusauth "-a" 0
 append_bool "$cfg" no_symlinks "-S" 0
--
2.25.1
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
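Review bot: The added comment above `option client_auth` in uhttpd.config never says that the value is the path to a CA certificate file, which is the one fact the commit message gives about the option. I would word it as `# Require a TLS client certificate issued by the CA stored in this file.` so nobody points it at a client certificate by mistake. If the check only applies to HTTPS listeners, which this patch does not show, a second line such as `# Plain listen_http sockets are not covered by this check.` would keep an administrator from assuming the whole instance is protected.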
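Review bot: `append_arg "$cfg" client_auth "-b"` hands the configured path to uhttpd without checking that the file exists, so a typo or a CA file lost on upgrade is handled only by whatever the daemon does with a bad `-b` argument, which is not visible in this patch. For an access-control option the init script should fail closed: read the value with `config_get client_ca "$cfg" client_auth` and stop with `[ -z "$client_ca" ] || [ -r "$client_ca" ] || return 1` before the argument is appended. The line also sits among the general options rather than with the HTTPS certificate handling elsewhere in start_instance (its body continues outside this hunk), so an instance with only plain HTTP listeners would presumably accept the option and still serve unauthenticated; logging a warning in that case would help.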
