VI. Feature Setup

How to apply Let's Encrypt certificate on Draytek routers

Products:
Vigor 2620Ln
Vigor 2762
Vigor 2765
Vigor 2862
Show all

Keywords:
Let's Encrypt
certificate

This article addresses both DrayOS and Linux based Draytek routers. Each latest OS supports DrayDDNS for Let’s Encrypt certification.
It is presumed that your DrayDDNS or registered domain has been successfully registered.
Also check that the [System Maintenance] > [Time and Date] current system time is synchronised with an NTP server or your browser.


Make sure that your DrayOS router is running 3.9.0 or higher firmware version that supports Let’s Encrypt certificate for DrayDDNS domains. If you need to activate your DrayDDNS service first, follow steps described in this article

Step 1 - Check the DrayDDNS status and Generate Let's Encrypt certificate

  • Go to [Applications] > [Dynamic DNS Setup], and double check that the DrayDDNS is Activated.
  • The latest firmware includes the new Create button under the Let's Encrypt certificate section. Check the Auto Update, and press Create.

kb lets encrypt drayos 01

  • It may take a few minutes for the router to generate the certificate.

kb lets encrypt drayos 02

Step 2 - Apply the certificate to router's services

  • When the process is finished, a confirmation message will pop up. Press Use this certificate for all my services to apply the new certificate immediately.

kb lets encrypt drayos 03

Step 3 - Confirm that the correct certificate is selected

  • You can check that the new certificate is applied in the [SSL VPN] > [General Setup] page. The Server Certificate should be set to DrayDDNS.

kb lets encrypt drayos 04

Step 4 - Enable HTTPS remote management

  • Make sure that your router's remote management is allowing HTTPS Services in the [System Maintenance] > [Management] page.
  • Note that a reboot will be required when updating any settings here.
    kb lets encrypt drayos 05

Step 5 - Test the new certificate configuration

  • You can access your router over the HTTPS secured connection by typing your DrayDDNS domain, e.g. https://example.drayddns.com. The browser should now recognise your signed certificate.

kb lets encrypt drayos 06

How do you rate this article?

1 1 1 1 1 1 1 1 1 1