Tomato has a built-in feature to generate and use self-signed SSL certificates for the WAN-side HTTPS administration (when enabled). Self-signed certificates are fine for home usage and usually require an explicit approval that varies from browser to browser.
How to use self-signed certficates for HTTPS
Go to Administration » Admin Access, and configure as follows:
- Local Access = HTTPS or HTTP & HTTPS
- Regenerate = TRUE
- Save in NVRAM = TRUE
- Remote Access = HTTPS
Then hit Save. The certificates will be generated and stored in NVRAM.
How to use standard signed SSL certificates
First, follow the steps above and verify that the admin access works with the self-signed certificate. Then:
- Replace "/etc/cert.pem" and "/etc/key.pem" files by your own cert files.
- In terminal session, execute the following command:
tar -C / -czf /tmp/cert.tgz etc/cert.pem etc/key.pem
- Save the created /tmp/cert.tgz file to nvram:
nvram setfb64 https_crt_file /tmp/cert.tgz nvram commit
- Restart the httpd service:
service httpd restart
Remember, that if you ever save the settings on the Admin Access page with the Regenerate box checked, or with Save in NVRAM box unchecked, you will loose your certificate and you will have to do these steps all over again.