Mkcert is a simple, zero-conf tool for making locally-trusted development certificates. It is a very useful helper tool in preventing the browsers from whining about insecure/untrusted connections on LAN-only web interfaces, like those on routers.
I’m using an old(ish) Ubiquiti Edgerouter X-router as my home network firewall/router. The main specs of the Edgerouter X are: MediaTek MT7621 4-core MIPS processor, 250Mb of memory and 250Mb of storage. The original Ubiquiti firmware has already been replaced with OpenWrt some years ago.
There are no official mkcert packages for OpenWrt (as of November 2023), but because mkcert is a Go program, it is very easy to cross-compile it for the MIPS architecture on another Linux device and copy it to the router:
git clone https://github.com/FiloSottile/mkcert.git cd mkcert/ GOOS=linux GOARCH=mipsle GOMIPS=softfloat go build -o mkcert scp -O ./mkcert email@example.com:/root/
Please note the “-O”-switch on the above
scp command. OpenWrt’s Dropbear SSH/SCP server supports by default only the older scp protocol, so you need to tell the
scp on your Linux box to use that instead of the currently standard sFTP protocol, otherwise the connection will fail.
You may well leave the
mkcert binary in the
/root directory where it was copied to, just run it as