The WBM on WAGO devices uses unsigned certificates, and requires the browser to allow an exception.
Has anyone found a way to install custom signed certificates to avoid this warning message?
If so, is there a service out there to manage/automate updating the certs on remote devices on a yearly basis (before they expire)?
Using http is not an option in some cases, because certain IT departments do not allow that any longer.
I am thinking something like Key Manager Plus over a VPN might be a solution…
Certbot will guide you through the DNS challenge process. You’ll need to create a DNS TXT record to prove domain ownership.c. Retrieve the Certificate Files:
Certbot will save the certificate files (including the private key) in a directory (usually /etc/letsencrypt/live/<your-domain.com>).
You’ll find files like cert.pem (certificate), privkey.pem (private key), and fullchain.pem (certificate chain).d. Configure Your Controller:
Upload the certificate files to your controller.
Configure your web server (e.g., Nginx, Apache) on the controller to use these certificates.
Specify the paths to cert.pem and privkey.pem in your server configuration.e. Automate Certificate Renewal:
Let’s Encrypt certificates expire after 90 days. Set up a cron job or systemd timer to automatically renew the certificates using Certbot:
sudo certbot renew
I dont think certbot will run on the WAGO Linux…
Hi Kurt,
There’s a docker version of certbot.
There are also a lot of ACME implementation :
I used acme.sh once.
But for all those solution note that you need an open https port and a DNS to be set up.
You can use CRON in order to update on a regular basis the certificates.
(Let’s encrypt certificates expires after 90 days)