wildonion/SSL_SETUP

## SSL_SETUP
==============
ON IMX6UL SIDE
==============


sudo mount -o remount, rw /
sudo openssl genrsa -des3 -out 19216821.key 2048
sudo openssl rsa -in 19216821.key -out 19216821.key
sudo openssl req -new -key 19216821.key -out 19216821.csr
sudo openssl x509 -req -days 3000 -in 19216821.csr -signkey 19216821.key -out 19216821.crt
sudo -s
cat 19216821.{key,crt} > 19216821.pem
sudo chmod -R 400 /etc/lighttpd/certs/
curl -k -o /dev/null -s -v https://192.168.2.1

put the following on /etc/lighttpd/lighttpd.conf


$SERVER["socket"] == ":443" {
       ssl.engine = "enable"
       ssl.pemfile = "/etc/lighttpd/certs/19216821.pem"
}


lighttpd -tt -f /etc/lighttpd/lighttpd.conf
lighttpd -t -f /etc/lighttpd/lighttpd.conf


WHY WE NEED TO MAKE THE GATEWAY SECURE???????????????????????????
WE CAN'T I THINK!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
THE POINT OF MAKING AN IP SECURE IS TO LET USER KNOW WHAT IS HAPPENING
BUT IN CAPTIVE PROCESS YOU WANT TO REDIRECT THE USER WIHOUT HIS/HER KNOWLEDGE TO SOMEWHERE
	==============
	ON IMX6UL SIDE
	==============


	sudo mount -o remount, rw /
	sudo openssl genrsa -des3 -out 19216821.key 2048
	sudo openssl rsa -in 19216821.key -out 19216821.key
	sudo openssl req -new -key 19216821.key -out 19216821.csr
	sudo openssl x509 -req -days 3000 -in 19216821.csr -signkey 19216821.key -out 19216821.crt
	sudo -s
	cat 19216821.{key,crt} > 19216821.pem
	sudo chmod -R 400 /etc/lighttpd/certs/
	curl -k -o /dev/null -s -v https://192.168.2.1

	put the following on /etc/lighttpd/lighttpd.conf


	$SERVER["socket"] == ":443" {
	ssl.engine = "enable"
	ssl.pemfile = "/etc/lighttpd/certs/19216821.pem"
	}



	lighttpd -tt -f /etc/lighttpd/lighttpd.conf
	lighttpd -t -f /etc/lighttpd/lighttpd.conf





	WHY WE NEED TO MAKE THE GATEWAY SECURE???????????????????????????
	WE CAN'T I THINK!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
	THE POINT OF MAKING AN IP SECURE IS TO LET USER KNOW WHAT IS HAPPENING
	BUT IN CAPTIVE PROCESS YOU WANT TO REDIRECT THE USER WIHOUT HIS/HER KNOWLEDGE TO SOMEWHERE