dnsomatic and ssl

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

Perry Rhodan

New Around Here
I've searched here and reviewed the changelog file and can't seem to locate this information.

When ever my router updates my IP on dnsomatic the log entry below seems to indicate the connection was over port 80, is this just a typo or are the connections not encrypted?

connected to updates.dnsomatic.com (67.215.92.215) on port 80.
 

Zirescu

Very Senior Member
Near as I can tell it is using the default port 80 when using the Web UI. You could use the Custom Script option and the following custom dns-o-matic script to do updates over https.
 

Perry Rhodan

New Around Here
I figured I could use the custom script, it's just since the service is in the list it would make sense it would use ssl out of the box. Else it's a serious security issue.
 

RMerlin

Asuswrt-Merlin dev
I figured I could use the custom script, it's just since the service is in the list it would make sense it would use ssl out of the box. Else it's a serious security issue.

Unfortunately, the dynamic dns client Asus uses is prehistoric, and never had SSL support implemented before it was abandoned by the original developers.

I can't just change that client, that would require for me to re-implement every DDNS that Asuswrt currently supports and that wouldn't be supported by a new client, such as Asus's own DDNS. That's something I don't have the time to work on, sorry. That's one of the reasons why I came up with a custom script implementation, so people can roll their own implementation as needed.
 

Perry Rhodan

New Around Here
Merci Eric!

Yes I understand the effort required to maintain DDNS outside the ASUS realm would be unsustainable. I'll look at using a custom script, or carry on paying for a static IP with my ISP. Just can't justify the risk on using http as sending non-encrypted credentials is looking for trouble...
 

steelskinz

Regular Contributor
If you suceed with dns o matic and ssl could you post a tutorial ? Could be interesting to know and share ! Thank ! :)
 

Zirescu

Very Senior Member

steelskinz

Regular Contributor
Got "request error!" even if i put my opendns name display (as advice for dnsomatic).
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top