Hi Folks

Been selling and using Vigor routers for so many years I lost count but have never installed a COMODO or other trusted certificate for https access to the router. Please be gentle!

Firstly, I assume it's the "Trusted CA Certificate" menu option I need? From what I've read, the "Local Certificate" option is for self-signed certs.

I went through the process of creating the certificate for Root CA but all it's done is create a PEM SSL certificate and not a signing request that I can take along to COMODO to purchase my SSL certificate. What gives?? Have I don't the wrong thing?

If anyone on the forum has done this, please help - I don't have much hair to pull out!

Thanks in anticipation
Chris

Please have a read of this guide, it should clear up how the certificate signing request (CSR) process works for you:
http://www.draytek.co.uk/support/guides/kb-local-certificate-management

Please have a read of this guide, it should clear up how the certificate signing request (CSR) process works for you

I have this guide and followed it but the request now appears to be "frozen" in "Requesting" mode and there is nothing I can do with it. I cannot delete it, refresh it or even add another one. Completely non-responsive.

Cheers
Chris

I am guessing that what this means is that the:

X509 Local Certificate Configuration
is for installing a proper, COMODO or other genuine certificate and

X509 Trusted CA Certificate Configuration
is for self-signed certificate installation

So the "Trusted CA Certificate Configuration" is empty and the "Local Certificate Configuration" is now not working... I cannot reset the router to factory settings because it's on a live site. Any help would be greatly appreciated.

Cheers
Chris

It's fiddly but I have done it with a free Let's Encrypt SSL certficate. The process is:

1) Obtain a SSL certificate with a 2048 bit rsa key size. The Draytek does not support 4096 bit rsa keys. Let's encrypt provides 3 files; cert.pem (this can be renamed to something more meaningful), chain.pem and privkey.pem key files.
2) Certificate Management >> Local Certificate click Import.
3) Certificate file: choose cert.pem (or whatever you have renamed the file to)
4) Key file: choose privkey.pem
5) Certificate Management >> Trusted CA Certificate. Click Import.
6) Click "Choose file". Choose chain.pem. Click Import
7) Apply and reboot router
8] SSL VPN >> General Setup
9) Choose “cert” or whatever you’ve renamed the file.
10) Apply and reboot router.
11) Close your browser tab and the connect to the router.

Hope this helps.