Mkcert on OpenWrt (MIPS)

Mkcert is a simple, zero-conf tool for making locally-trusted development certificates. It is a very useful helper tool in preventing the browsers from whining about insecure/untrusted connections on LAN-only web interfaces, like those on routers.

I’m using an old(ish) Ubiquiti Edgerouter X-router as my home network firewall/router. The main specs of the Edgerouter X are: MediaTek MT7621 4-core MIPS processor, 250Mb of memory and 250Mb of storage. The original Ubiquiti firmware has already been replaced with OpenWrt some years ago.

There are no official mkcert packages for OpenWrt (as of November 2023), but because mkcert is a Go program, it is very easy to cross-compile it for the MIPS architecture on another Linux device and copy it to the router:

git clone https://github.com/FiloSottile/mkcert.git
cd mkcert/
GOOS=linux GOARCH=mipsle GOMIPS=softfloat go build -o mkcert
scp -O ./mkcert root@192.168.1.1:/root/

Please note the “-O”-switch on the above scp command. OpenWrt’s Dropbear SSH/SCP server supports by default only the older scp protocol, so you need to tell the scp on your Linux box to use that instead of the currently standard sFTP protocol, otherwise the connection will fail.
You may well leave the mkcert binary in the /root directory where it was copied to, just run it as ./mkcert.

This entry was posted in Linux and tagged , . Bookmark the permalink.