Edit: Deprecated as of 380.67 - see documentation
If https_crt_save variable is turned off, turn it on:
# nvram get https_crt_save
0
# nvram set https_crt_save=1
# nvram get https_crt_save
1
Copy private key and full chain to /etc/key.pem and /etc/cert.pem:
# cat >/ etc/key.pem
...
# cat > /etc/cert.pem
...
Get current contents of TLS certificate (empty if none):
# nvram get https_crt_file
Restart httpd, which reads /etc/key.pem and /etc/cert.pem, combines them (tarball), and saves the combination in https_crt_file.
On reboot, when httpd starts up, the files /etc/key.pem and /etc/cert.pem do not exist, so it takes the value of https_crt_file (if any) for the TLS certificate.
# service restart_httpd
# nvram get https_crt_file
... compare to previous certificate ...