HTTPS to Router UI gives certificate error

[Hooobi]

I read somewhere that using HTTPS when accessing your router provides heightened security. I'm not sure if that applies to local access as well, but that is the only way I access mine.

When I implemented this, I began getting Certificate Errors every time I access the UI through IE at https://192.168.1.1:8443/

The IE error page suggests I close the webpage, or Continue to this Website (not recommended). I always choose continue and then login without issue. However, I notice sometimes that after I log back out, I can still re-access the UI without reentering my credentials.

Is there any way to stop these errors? Should I simply not bother with HTTPS for local access only?

This is with an AUS RT-AC66R

TIA

 

[vshah]

perhaps the client you are accessing from does not trust the Root Certificate authority that issued the ssl cert the router is using.

 

[lif_andi]

Odds are that the certificate the router is using is not CA certified and thus is not trusted by IE.

 

[Hooobi]

Thanks for the replies. Any way to fix the untrusted cert issue, or should I just continue to ignore it? I assume there's no risk in doing so since all I'm doing is accessing the UI from the local network?

 

[Mark R]

Thanks for the replies. Any way to fix the untrusted cert issue, or should I just continue to ignore it? I assume there's no risk in doing so since all I'm doing is accessing the UI from the local network?

The technique depends on the browser. All browsers support this, but it is often made very difficult to discourage people to do it:
How to do it in IE8.

In general most IEs are similar, but there are slight differences between versions and versions of Windows - which can cause confusion.

There is no risk in ignoring the error in this circumstance. The warning tells you that the identity of the server could not be independently validated to correspond to the URL.

So, if you go to www.paypal.com, your browser will check the server certificate to see if it is legit and signed by someone trustworthy. If it isn't signed then you get the warning to tell you that it can't be sure that this is the real paypal site.

In your case, you're just accessing your router, and it's probably an IP address which is private to your network (so not accessible by hackers), so there is no real issue in ignoring the warning.

 

[John Connor]

I get this all the time from Firefox or Pale Moon accessing my router. When I add an exception which gets stored in the registry I don't have the problem anymore. The problem lies in the signed certificate.

Check this out. http://www.dd-wrt.com/phpBB2/viewtopic.php?t=154874&sid=e620ae70713cae955d25e804c37c3226

 

[imagoon]

The technique depends on the browser. All browsers support this, but it is often made very difficult to discourage people to do it:
How to do it in IE8.

In general most IEs are similar, but there are slight differences between versions and versions of Windows - which can cause confusion.

There is no risk in ignoring the error in this circumstance. The warning tells you that the identity of the server could not be independently validated to correspond to the URL.

So, if you go to www.paypal.com, your browser will check the server certificate to see if it is legit and signed by someone trustworthy. If it isn't signed then you get the warning to tell you that it can't be sure that this is the real paypal site.

In your case, you're just accessing your router, and it's probably an IP address which is private to your network (so not accessible by hackers), so there is no real issue in ignoring the warning.

Or you just add it directly to the cert store. Basically you do step 12 out of that list directly.