After installing OpenWRT Chaos Calmer, I noticed that OPKG calls are performed via HTTP without SSL. Changing to HTTPS was not as simple as adding just one letter ’s’. Read on for the steps.
Before we begin, run
opkg update. This will retrieve list of updated packages from the official repository.
wget is a program for retrieving content from web servers. OpenWRT comes with that builtin but without SSL support due to size constraints. Most routers have tiny storage capacity with a lot of them barely having enough to store SSL libraries and/or root certificates.
wget with SSL support, run
opkg install wget.
In order for SSL certificates to be validated, root certificates should be added. If you need to save space however, you should add required certificates manually. I will only be describing how to add root certificates, run
opkg install ca-certificates.
If you have LuCI (GUI) installed, enabling SSL is very easy. Navigate to
System > Software > Distribution feeds. Replace all
http:// URLs to
If you do not have LuCI, you will have to edit
/etc/opkg/distfeeds.conf using your preferred editor.
Perform an update,
opkg update. Packages should be retrievable.