Certbot on OpenWrt


I have powerful router Turris Omnia and I’m running Apache on it. Unfortunately, it’s running on OpenWrt, which is not supported by certbot-auto. Did anyone try to use certbot to get certificates for Apache on OpenWrt? I’m primarily a web developer and things like cross-compiling are Greek to me.



hi @MekliCZ

There are three options

A) Use a BASH based client (getSSL, dehydrated) are quite popular
B) use another server and then use API or SSH interface to install certificates
C) Use a custom script (https://www.snip2code.com/Snippet/1362606/manage-a-OpenWRT-LetsEncrypt-https-insta)

Bash Clients:

GetSSL (bash, also automates certs on remote hosts via ssh)
acme.sh (Compatible to bash, dash and sh)
dehydrated (Compatible to bash and zsh)



Still another option would be to use a web-based client like https://www.zerossl.com/.


Here is a guide: How to run acme.sh on OpenWRT


My website https://wiki.findrbot.com/compile-package-openwrt shows you how to do lots of things, one of them being compiling a package for OpenWRT. You can use that tutorial and see if you can compile newer versions of the packages to get the dependancies you need to install letsencrypt binaries on the router.

I have an OpenWRT router, I will see if it is even possible, and reply back if you haven’t sorted it out.

A quick google returns the following:

and even better in my opinion, https://forum.openwrt.org/viewtopic.php?id=65090

Silly me, I just noticed NeilPang provided a better tutorial :stuck_out_tongue:


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.