NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
EX8000, RS8000P, &RS700 HTTP To HTTPS switch.
I thought I would change my extender and router from HTTP to HTTPS. However, once I did this, I got SSL certificate errors and could no longer login or connect to the devices. I was using Google Chrome. Finally, I direct wire connected to the devices and used Firefox to reset the devices back to HTTP.
I still want to go HTTPS, but I do not know how to copy in new SSL certificates.
What are my best options? Why can't I delete the old SSL certificates and create new ones with HTTPS when devices reboot?
- Is there an easier way to switch HTTP to HTTPS and still have the SSL certificates?
- Where do I find the new SSL certificates and where are they imported? I looked all over the Chrome browser but did not find any NETGEAR device SSL certificates - no local, your or root.
- Once I wire-connect to the router and login, do I get a new SSL certificate for all browsers or just for Firefox?
Thank you.
p.s. Probably should make clear that noticing web browser WARNING messages is a very good practice. The point is to use common sense If the device being used to open MY router web interface is on MY local private network and the web server is also on MY local private network (especially if opening it using the IP address rather than URL), that is a very different thing than opening <name of my bank>.com) and getting a warning.
4 Replies
Is there an easier way to switch HTTP to HTTPS and still have the SSL certificates?
Go back to the beginning. Why do you want to do that?
Because your browsers throw up error messages?
They aren't designed to handle local traffic on your network, which is kind of hard to penetrate. Having see this question here many times before, no one has even shown any evidence that their system was compromised.
michaelkenward is correct. Netgear customers are caught in a "Catch 22" caused by modern web browsers:
- If the web interface is kept at the default (http), web browsers scream, "UNSAFE. NOT SECURE. GO BACK!" because by definition in today's world, an http web connection is plain text which can be intercepted between the web browser and the web site. Never mind the fact that both the web site (router) and web browser are on the same private network.
- If the web interface is changed to https, web browsers scream "UNSAFE. NOT SECURE. GO BACK!" because Netgear routers use a self-signed SSL certificate that is not registered with one of the SSL authorities recognized by the web browser. Thus, even though (a) the connection is still on a local private network, and (b) the connection is encrypted using SSL, a self-signed certificate cannot be trusted! Years ago, Netgear registered several URLs with SSL certificate authorities, including orbilogin.com, orbilogin.net, routerlogin.com, routerlogin.net. Obviously, these URLs do not lead to web sites run by Netgear. They are intercepted by the Netgear router and redirected to the local router IP address.
It is a royal pain in the *****. Many browsers will allow an option to "ignore this warning and go there anyway." Once done, the browser will remember the choice and quit complaining. I leave my Orbi web interface on the default http and just get on with life.
p.s. Probably should make clear that noticing web browser WARNING messages is a very good practice. The point is to use common sense If the device being used to open MY router web interface is on MY local private network and the web server is also on MY local private network (especially if opening it using the IP address rather than URL), that is a very different thing than opening <name of my bank>.com) and getting a warning.
Great reply!
Thanks
