In order to install the certificate I did something very naive: 

1) I deployed an OS to the machine
2) Stored rootCA.der under /boot/efi/EFI/BOOT/

3) Restarted the machine

4) press F2 and install the certificate as it was available in the storage

5) select HTTPS boot in the boot list.

My nginx server is pretty simple, and it's configured as

server {

listen [::]:5248;

listen 5248;

server_name     192.168.120.1;

ssl_certificate path_to_myip.crt;

ssl_certificate_key path_to_myip.key;

ssl_protocols   TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;

You receive all messages sent to this group.

View/Reply Online (#110132) | | Mute This Topic | New Topic
Your Subscription | Contact Group Owner | Unsubscribe [rebecca@openfw.io]