RT-AC66U Heartbleed fake CA for HTTPS admin ?

[e-motion]

Here is my question : wouldn't it be possible for an attacker to change the CA the router is using (following Heartbleed vulnerability in OpenSSL) when administering it via HTTPS ?

I'm wondering because on a LAN, my router's certificate is no longer trusted, according to both Firefox and IE.

 

[RMerlin]

Here is my question : wouldn't it be possible for an attacker to change the CA the router is using (following Heartbleed vulnerability in OpenSSL) when administering it via HTTPS ?

I'm wondering because on a LAN, my router's certificate is no longer trusted, according to both Firefox and IE.

This has been mentioned numerous times, even in Asus's release notes: Asus routers were never vulnerable to Heartbleed.

 

[e-motion]

This has been mentioned numerous times, even in Asus's release notes: Asus routers were never vulnerable to Heartbleed.

Ok, sorry for that. Let me rephrase my question then : what could be causing the CA cert used by the RT-AC66U on HTTPS management to show as not trusted all of a sudden ?

 

[RMerlin]

Ok, sorry for that. Let me rephrase my question then : what could be causing the CA cert used by the RT-AC66U on HTTPS management to show as not trusted all of a sudden ?

It never was trusted, because it's a self-signed certificate. You might have had told your browser to automatically accept it at some point, and when it got re-generated by the router it is now once again reported as being untrusted.

To be automatically trusted, a certificate must be signed by a known certificate authority, such as Entrust, Comodo, etc...