Menu
What's new
By:
Filters Better Search

Feature Request:GUI for lets encrypt cert requests and renewal.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

you been serious? its a lan device, not an internet device.

If the certificate changes (e.g. MITM) the user is still alerted anyway.

So you add existing cert of router to trust store.
No prompts.
If a MITM occurs or other change of cert, new prompt appears.
 
Chrysalis said:
you been serious? its a lan device, not an internet device.

If the certificate changes (e.g. MITM) the user is still alerted anyway.

So you add existing cert of router to trust store.
No prompts.
If a MITM occurs or other change of cert, new prompt appears.
Click to expand...

Adding a CA (Let's Encrypt) means all certs signed by the CA are valid. Constant, manual overrides are unneeded.

If usage is purely internal then Let's Encrypt is a bit strange, but it seems like many users are running a publicly acessible VPN which does benefit from HTTPS and usage of a CA.
 
Given letsencrypt certs only last 3 months the renewals will be more work then whitelisting the cert, I whitelisted my router cert several months ago.

So an administrator is going to go to all the trouble of getting a trusted certificate authority just so they dont have to whitelist the cert on their local router?

VPN's may be a different thing, but remember these routers are for personal not commercial use.
 
Chrysalis said:
Given letsencrypt certs only last 3 months the renewals will be more work then whitelisting the cert, I whitelisted my router cert several months ago.

So an administrator is going to go to all the trouble of getting a trusted certificate authority just so they dont have to whitelist the cert on their local router?

VPN's may be a different thing, but remember these routers are for personal not commercial use.
Click to expand...

Well, letsencrypt's idea is to auto-renew. So ideally, you shouldn't have to do anything once everything is setup. The auto-renewal stuff is still iffy, even on proper linux. So it would take some time and effort for it to mature on wrt, but if/when it does, it should work seamlessly.
 
for people who really want to do this then use a linux machine to host the domain for the cert generation.

Script on the router to call the cert script over ssh, and when complete scp the file back to router.
 
Chrysalis said:
for people who really want to do this then use a linux machine to host the domain for the cert generation.

Script on the router to call the cert script over ssh, and when complete scp the file back to router.
Click to expand...

Why not use the (Linux-based) AsusWRT router?
 
You must log in or register to reply here.

Similar threads

T
How to add SSL cert?
Replies
0
Views
651
trevor68
T
mekki
Solved UPDATE: No longer required. See thread. - [Feature request] Option for DHCP Query Frequency Backoff Mode
2 3 4
Replies
76
Views
7K
thiggins
thiggins
D
Port Forwarding 80 and 443 not working
Replies
3
Views
1K
dgrigo
D
M
Kamoj Kamoj Addon 5.5 Beta for Netgear R7800/R8900/R9000 with Voxel FW - Continuation
Replies
3
Views
212
kamoj
kamoj
SysXpl
New router for good price - Best firmware for stability, security and privacy?
Replies
4
Views
330
bbunge
bbunge
Similar threads
Thread starter Title Forum Replies Date
D Feature request: Two factor authentication web login. (TOTP) Asuswrt-Merlin 8
M [🙏 Feature request For Asus Merlin] Add Public WiFi Mode for GT-AX11000 Asuswrt-Merlin 7
G Feature request: firewall url filter log Asuswrt-Merlin 0
Q [Feature Request] Schedule DoS Protection state and/or whitelist option Asuswrt-Merlin 5
mekki Solved UPDATE: No longer required. See thread. - [Feature request] Option for DHCP Query Frequency Backoff Mode Asuswrt-Merlin 76
M [WAN feature request] GT-AXE16000 use 2.5G port as LAN and use 2 1GB ports for dual wan Asuswrt-Merlin 14
F Several Questions Re:Asuswrt-Merlin Feature Implementation Asuswrt-Merlin 2
L Feature suggest: web notifications Asuswrt-Merlin 1
cyruz Reversing the web node reboot feature Asuswrt-Merlin 0
S GT-BE98 Version Request Asuswrt-Merlin 9

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 700 (members: 15, guests: 685)
Top