NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
RBR50v2 self-signed certificate rejected
Hi,
I use an Orbi router RBR50v2 with 2 satellites and they work as expected. Problem is when I try to access the admin page, for example:
https://orbilogin.net/index.htm
Safari rejects it as it says is not secure ( I've imported the certificate in keychain and trusted, of courwse ), even after confirming I want to access twice. Chrome rejects the page with ERR_SSL_KEY_USAGE_INCOMPATIBLE error. Only Firefox allows access by now.
I suppose that newer browsers impose more checks to certificates, so I think it's Netgear to update the router firmware to create an useable certificate, or at least provide the way to update it...
Any idea ? Should I start thinking on a new network infrastructure ?
Regards,
Joan
1 Reply
Your analysis is correct that modern web browsers have become paranoid about two types of web sites:
- unencrypted (http) web sites. Not using encryption means that anyone in the network between the web browser and the web site could potentially view the contents.
What the web browser does not take into account is that the Orbi web interface is on a router on the local network, and thus it is impossible to 'snoop' on the communication. - encrypted (https) web sites that use self-signed certificates. With no SSL "authority" to vouch for them, the web browser is afraid that someone could be pretending to be orbilogin.net.
Once again, what the web browser does not take into account is that the IP address of orbilogin.net was not resolved by a DNS server, but was rather intercepted by the router itself.
There is almost always a means to tell the web browser to "ignore this issue and proceed to the web page". I use Chrome, Edge, Firefox, and Opera with the Orbi RBR50 every day.
- unencrypted (http) web sites. Not using encryption means that anyone in the network between the web browser and the web site could potentially view the contents.
