What's new

Is Merlin https CERT or let's encrypt more secure?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

lenovomen

Occasional Visitor
Hi,

I have enabled the https function in my router so that it can now be accessed at https://192.168.50.1:8443, but I have not enabled DDNS and let's encrypt. Is the router's CERT enough? Or is it less secure? Can it be easily hack?
 
They're all just as secure. They all rely on similar cryptos.
 
Thank you very much for your quick reply Dear Merlin 😊!

I only asked the question because Ai intelligence was answered me a weird solution. It recommended the let's encrypt because it can't be changed if someone has physical access or hack my admin password.

So if I don't enable DDNS and let's encrypt. Is the router generated CERT file enough and cannot be easily hack or replace it another one?
 
All the certificate does is encrypt the exchange between the router and your browser when you connect to the router's webui. It has no other impact on security. If someone has access to replace the certificate, it won't matter if the initial certificate was LE or self-signed.
 
All the certificate does is encrypt the exchange between the router and your browser when you connect to the router's webui. It has no other impact on security. If someone has access to replace the certificate, it won't matter if the initial certificate was LE or self-signed.
Thank you very much friend, now I understand everything.
 
f someone has access to replace the certificate, it won't matter if the initial certificate was LE or self-signed.

Just want to add that a self-signed cert is not a bad thing - it still has to be generated by a CA, so one is certifying that "I made this cert" - the key diff between LE or any other CA that is not self-signed, is the knowledge/trust levels...

Self-signed certs live forever until they are changed...

Get's odd for boot certs - those need to be long lived, as devices both on the shelf, and reset devices in the field - if the cert expires, the device can't get provisioned if it is a central managed device.
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top