What's new

ASUS RT-AC66U/R HTTPS Issue FW: 380.68_4 = *RESOLVED AS OF 11/16/17*

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

ShaXdow5

New Around Here
Hello, I'm new to this forum :D

So I have the Asus RT-AC66R and when I attempt to use HTTPS as the authentication method the UI becomes completely and utterly unusable. Also the admin page will only load in google chrome (even in chrome it will kick you out sometimes and the only way I've been able to get back in is if I hit the back button on my browser and refresh constantly), tried several different ways/links/etc but if you try in any other browser it just wont load when its set to HTTPS other than chrome. I've seen in previous firmware versions in this thread this issue has come up in the past and was fixed with an updated firmware revision. Not sure if this is a bug that re-occurred or if I may be missing something but I until it is resolved I'm forced to use unsecured HTTP method. Also when the modem has authentication method set to just HTTP everything works perfectly fine, and fast but not secured :p
 
I had this issue with my 88U. I fixed it by uploading a properly signed certificate.
I’d lived with it being slow/unusable for months figuring it was just how it was :facepalm:


Sent from my iPhone using Tapatalk
 
I used https://www.sslforfree.com

But note I had to use a ‘real’ domain name that I own in order to authenticate it etc.


Sent from my iPhone using Tapatalk
 

I wouldn't trust that site. They don't even identify themselves, and their whois information is marked as private, so you have no idea who's the "We" they are referring to in their minimalist FAQ. They're even taking steps to hide their identity. For all you know, they might be harvesting domain information for potential spam, or keeping a copy of your private key for potential attack against your domain...
 
I wouldn't trust that site. They don't even identify themselves, and their whois information is marked as private, so you have no idea who's the "We" they are referring to in their minimalist FAQ. They're even taking steps to hide their identity. For all you know, they might be harvesting domain information for potential spam, or keeping a copy of your private key for potential attack against your domain...

I didn’t provide any key. They generated one for me. Not that that is any better. But the key exists only on the router. And the router opens only OVPN to the outside world (with my ‘real’ private key associated with it).
All I did was confirm I own the domain via a DNS TXT record. I tried MANY other sites that provide a certificate but this was the only one the router accepted and my browser also didn’t moan about (for the ones that I did manage to get to load).
The authority behind them is “Let’s Encrypt” who are somewhat more well known. I agree it is odd that they are trying to hide that fact though.


Sent from my iPhone using Tapatalk
 
Oh, and the domain exists only on the router too, I don’t use it for anything else.


Sent from my iPhone using Tapatalk
 
Problem is not limited to AC66U.
The only browser that works as expected is Internet Explorer.
Sad but true!
 
I didn’t provide any key. They generated one for me. Not that that is any better. But the key exists only on the router. And the router opens only OVPN to the outside world (with my ‘real’ private key associated with it).
All I did was confirm I own the domain via a DNS TXT record. I tried MANY other sites that provide a certificate but this was the only one the router accepted and my browser also didn’t moan about (for the ones that I did manage to get to load).
The authority behind them is “Let’s Encrypt” who are somewhat more well known. I agree it is odd that they are trying to hide that fact though.


Sent from my iPhone using Tapatalk

They act as the middle man between you and Let's Encrypt. Their motivation behind doing that without so much as having ads on their website to finance themselves raises an alarm bell here.

Generating a certificate requires you to generate a key, which is used to sign the CSR, and also to enable the certificate once installed on your router. That key was generated in your browser, so you have no way of knowing if they didn't retrieve a copy of that key.
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top