Forum Discussion
GS116Ev2 and HTTPS
It appears that the latest Firmware for the GS116Ev2 does not support HTTPS. Are there any plans to add support in newer firmware release, particularly TLS1.2 or up? Since browsers are moving towards blocking weak or unencrypted communication, this would make the web interface inaccessible.
Apart from the browsers it's unadvisable to send a password over an unencrypted connection.
An alternative (not preferred) solution would be the possibility to restrict management access to a tagged vlan or particular switchport. This doesn't appear to be possible at this moment.
JustSomeUser wrote:It appears that the latest Firmware for the GS116Ev2 does not support HTTPS. Are there any plans to add support in newer firmware release, particularly TLS1.2 or up? Since browsers are moving towards blocking weak or unencrypted communication, this would make the web interface inaccessible.
Asked many times. There is no https available on any tiny micro-controllers in place to configure the switch core in this product line.
The browser makers are very progressive in blocking old "secure" https variants for good reasons - especially when it goes out to the Internet. Doubt plain http will be blocked soon.
The real problem is getting a workable certificate to embedded devices in environments without local DNS, without own domains, ... all these security messages and warnings of insecure / untrusted / whatever are much more scarier for the average Joe.
JustSomeUser wrote:Apart from the browsers it's unadvisable to send a password over an unencrypted connection.
True. However, who does listen on your small home network or has physical access to your SOHO network?
JustSomeUser wrote:An alternative (not preferred) solution would be the possibility to restrict management access to a tagged vlan or particular switchport. This doesn't appear to be possible at this moment.
Here again, most Smart Managed Plus switches don't support a real management VLAN.
1 Reply
JustSomeUser wrote:It appears that the latest Firmware for the GS116Ev2 does not support HTTPS. Are there any plans to add support in newer firmware release, particularly TLS1.2 or up? Since browsers are moving towards blocking weak or unencrypted communication, this would make the web interface inaccessible.
Asked many times. There is no https available on any tiny micro-controllers in place to configure the switch core in this product line.
The browser makers are very progressive in blocking old "secure" https variants for good reasons - especially when it goes out to the Internet. Doubt plain http will be blocked soon.
The real problem is getting a workable certificate to embedded devices in environments without local DNS, without own domains, ... all these security messages and warnings of insecure / untrusted / whatever are much more scarier for the average Joe.
JustSomeUser wrote:Apart from the browsers it's unadvisable to send a password over an unencrypted connection.
True. However, who does listen on your small home network or has physical access to your SOHO network?
JustSomeUser wrote:An alternative (not preferred) solution would be the possibility to restrict management access to a tagged vlan or particular switchport. This doesn't appear to be possible at this moment.
Here again, most Smart Managed Plus switches don't support a real management VLAN.