Where can I find the most up to date SSL certificates for CDRouter's ACS and download server?
CDRouter TR-069 includes a number of different ACS and ACS download server
certificate files which can be used for SSL/TLS testing. All certificates are
distributed in .pem format and are located in the /usr/cdrouter/tests
directory on the CDRouter host system.
Sectigo/Comodo Signed Server Certificates
The ACS and ACS download server certificates used in CDRouter are valid for one year and expire every year in January or early February.
Updated server certificates will be included in new versions of CDRouter when
available. If you are using an older version of CDRouter with expired
certificates, you may download the current valid certificates in either SHA384
or SHA1 (legacy) format below and copy them to the /usr/cdrouter/tests
directory on your CDRouter system.
Current ACS and download server certificates
The most up to date certificates for CDRouter’s ACS and ACS download server can be found in the following table. This certificate chain uses SHA384 with RSA encryption.
| Certificate Type | File | Expiration Date |
|---|---|---|
| ACS certificate | acs.cdroutertest.com.pem | January 12, 2026 |
| Download server | acs-download.cdroutertest.com.pem | January 13, 2026 |
| Intermediate CA (SHA384) | acs.cdroutertest.com-ca.pem | December 31, 2030 |
| Root CA (SHA384) | acs.cdroutertest.com-rootca.pem | January 18, 2038 |
Intermediate chain for legacy devices
Some legacy devices may not support installing a Root CA with SHA384 with RSA encryption. For these devices an alternate chain using a SHA384 intermediate and SHA1 root CA with RSA encryption is available in the following table:
| Certificate Type | File | Expiration Date |
|---|---|---|
| Intermediate CA | acs.cdroutertest.com-ca-sha1.pem | December 31, 2028 |
| Root CA (SHA1) | acs.cdroutertest.com-rootca-sha1.pem | December 31, 2028 |
Note: In the above table, the Intermediate CA file contains two (2) Intermediate certs concatenated together.
