Menu
What's new
By:
Filters Better Search

Feature Request:GUI for lets encrypt cert requests and renewal.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

you been serious? its a lan device, not an internet device.

If the certificate changes (e.g. MITM) the user is still alerted anyway.

So you add existing cert of router to trust store.
No prompts.
If a MITM occurs or other change of cert, new prompt appears.
 
Chrysalis said:
you been serious? its a lan device, not an internet device.

If the certificate changes (e.g. MITM) the user is still alerted anyway.

So you add existing cert of router to trust store.
No prompts.
If a MITM occurs or other change of cert, new prompt appears.
Click to expand...

Adding a CA (Let's Encrypt) means all certs signed by the CA are valid. Constant, manual overrides are unneeded.

If usage is purely internal then Let's Encrypt is a bit strange, but it seems like many users are running a publicly acessible VPN which does benefit from HTTPS and usage of a CA.
 
Given letsencrypt certs only last 3 months the renewals will be more work then whitelisting the cert, I whitelisted my router cert several months ago.

So an administrator is going to go to all the trouble of getting a trusted certificate authority just so they dont have to whitelist the cert on their local router?

VPN's may be a different thing, but remember these routers are for personal not commercial use.
 
Chrysalis said:
Given letsencrypt certs only last 3 months the renewals will be more work then whitelisting the cert, I whitelisted my router cert several months ago.

So an administrator is going to go to all the trouble of getting a trusted certificate authority just so they dont have to whitelist the cert on their local router?

VPN's may be a different thing, but remember these routers are for personal not commercial use.
Click to expand...

Well, letsencrypt's idea is to auto-renew. So ideally, you shouldn't have to do anything once everything is setup. The auto-renewal stuff is still iffy, even on proper linux. So it would take some time and effort for it to mature on wrt, but if/when it does, it should work seamlessly.
 
for people who really want to do this then use a linux machine to host the domain for the cert generation.

Script on the router to call the cert script over ssh, and when complete scp the file back to router.
 
Chrysalis said:
for people who really want to do this then use a linux machine to host the domain for the cert generation.

Script on the router to call the cert script over ssh, and when complete scp the file back to router.
Click to expand...

Why not use the (Linux-based) AsusWRT router?
 
You must log in or register to reply here.

Similar threads

T
How to add SSL cert?
Replies
0
Views
461
trevor68
T
mekki
Solved UPDATE: No longer required. See thread. - [Feature request] Option for DHCP Query Frequency Backoff Mode
2 3 4
Replies
76
Views
4K
thiggins
thiggins
D
Port Forwarding 80 and 443 not working
Replies
3
Views
898
dgrigo
D
B
[Feature Request] Ignore Hostname for dnsomatic
Replies
4
Views
1K
bobyang
B
Phantomski
Solved [SOLUTION] Let’s Encrypt + DDNS/WAN Admin Domain Certificate Expired / not auto-renewed
Replies
0
Views
2K
Phantomski
Phantomski
Similar threads
Thread starter Title Forum Replies Date
M [🙏 Feature request For Asus Merlin] Add Public WiFi Mode for GT-AX11000 Asuswrt-Merlin 7
G Feature request: firewall url filter log Asuswrt-Merlin 0
Q [Feature Request] Schedule DoS Protection state and/or whitelist option Asuswrt-Merlin 5
mekki Solved UPDATE: No longer required. See thread. - [Feature request] Option for DHCP Query Frequency Backoff Mode Asuswrt-Merlin 76
M [WAN feature request] GT-AXE16000 use 2.5G port as LAN and use 2 1GB ports for dual wan Asuswrt-Merlin 14
A [Feature Request] Show all clients in Wireless Log Asuswrt-Merlin 1
P DNS Director- 2nd DNS server - Feature request Asuswrt-Merlin 8
torstein Feature request asuswrt-merlin: Option to quickly disable radios from the front / status page Asuswrt-Merlin 11
A Feature Request for ASUS FTP Server Port Selections Asuswrt-Merlin 4
H [Feature Request] Delay start of the 2.4ghz network after restart Asuswrt-Merlin 3

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 999 (members: 24, guests: 975)
Top