Adding own certs to connect via WebDAVS/FTPS again

    Has this fix been migrated to other builds too?

    I'm running libreelec on an intel platform and have a need to use a self signed certificate (sophos utm web filtering). Without this certificate present, clients https session are blocked.

    Thanks!

    Hello community

    i have tried adding my self signed synology to get webdavs working correctly on the new build 8.90.005

    However, it is warning me: CCurlFile::Exists - Failed: Peer certificate cannot be authenticated with given CA certificates(60)

    So i tried installing certificates. My Synology nas gives me two certificates: synology-ca-cert.pem and cert.pem

    I have tried copying the synology-ca-cert to the /storage/.config/cacert.pem but that lead to this error:

    CCurlFile::Exists - Failed: SSL peer certificate or SSH remote key was not OK(51)

    The certificate is one signed by synology. ( i connect via a xxxxx.synology.me name)

    Any idea why this might not be working?


    remark: would it be helpul to once connect to the host via SSL?

    That would ask for the ECDSA key fingerprint and will add it to the list of known hosts.

    Edited once, last by mfrank66 (September 19, 2018 at 2:22 PM).

    Quote from chewitt

    That's the idea.

    That works very well with this idea. Even in 2025 with the current versions of LibreELEC ;)

    But: Can you take it a step further? What if the user could simply drop in their own issued certificates without needing to change the names, so that the filenames can remain as boxcert.cer, owncert.pem, and mycert.cer, regardless of whether it is a *.cer or a *.pem file?
    It should be made as simple as possible for the average user. This is already possible with web browsers and operating systems. Just drop in the certificate and it's done.