ViperGeek (Apprentice)
Dec 15, 2016
Status:
Engineering Investigation
Enhancement Request: User-supplied SSL certificates for remote management
There is currently no way to install a proper PKI-chained SSL certificate from a third party like Comodo or StartCom SSL. With all current versions of the NETGEAR firmware, when enabling HTTPS access for remote management, my/all browsers get angry because the R7000 is using a self-signed certificate:
I have a free StartCom SSL cert all generated and ready to install. The problem is, there is no supported way to install this certificate, intermediate cert, and private key, with the R7000.
- Dave
47 Comments
- dejiko (Aspirant)
Netgear is always promoting their products as having very high security, and usually announces a lot of so-called "Security Advisory" notices about their products, and also provides firmware upgrades to fix the security issues. But currently, every time you log in to your Netgear router, almost all internet browsers say it is insecure, with a big red label telling you the connection is at risk of leaking your information. This issue has been happening for more than 4 years; has Netgear discarded their security standard and put their product at risk forever?
As per Netgear's response, you can choose to use third-party firmware to fix the problem, but in another channel they say that using third-party firmware is very high risk, as they cannot ensure information safety. As a large company or enterprise, I cannot choose such an insecure product. This is a very well-known issue and easy to fix by adding a Let's Encrypt feature or allowing a certificate to be uploaded manually. As for home users, there are many alternative products on the market that already provide a solution for this. So why would we still choose Netgear?
It is necessary that Netgear permit adding a valid third-party certificate with TLS 1.2 or 1.3 support, instead of the invalid www.routerlogin.net one. I have a RAX120; this expensive router has the same limitation. Why?
Does the root certificate for the validation of the current one exist?
- vaudric (Fledgling)
It's a must. All modern browsers now block access to invalid certs, which leaves us without the possibility to access the remote management site.
+1 on https://letsencrypt.org/ support!
- Zetsumie (Fledgling)
I was shocked to see the time stamp on this knowing that three years and two months later this still hasn't been implemented. I'm on the road 3/4ths of the year and can only manage my router remotely, but the SSL certificate has always given me problems... What use is installing the certificate when it's only for routerlogin.net!? I don't care about SSL when I'm logging in through LAN...
- BrendanMcCoy (Fledgling)
I also really would love this.. I bought a .dev domain and being stuck with a bogus cert is miserable.
- schumaku (Guru - Experienced User)
Well, we're in the Home environment here, so these must be considered consumer devices. Let's Encrypt is a nice solution for this market, as most consumers don't have their own domains anyway. The same - lack of a bind to a customer-owned certificate - on the other hand is one of the trust-stoppers for that CA. Doing false (say hype) marketing for ACxxxx, AD7200, AX6000 or AX11000 - all numbers most people never see - has priority to keep the market aehm Dollars rolling. With the ability to generate CSRs, to import certificates, there isn't much business to generate. Figure. With this kind of delay politics, the EoL for many of these devices will come long before they change from their late 1990s router specs. Sad but true.
- RNASguy (Luminary)
@tool (Fledgling) on 2018-07-06 08:22 PM wrote:
really hard to believe that this doesn’t have more votes AND it is only in an engineering investigation stage for 9 months. if you are going to offer remote management then don’t do it half way, especially when it involves security. the d7000 self signed certs are rejected more and more as FF and Chrome up the security levels with each release - sure i can use IE, but not when I’m on my mobile device trying to give needed access to family at home. Please do TLS properly and have upload of certificate store as feature or remove remote management as it is broken in its current form.
I could not agree more. Also please do NOT bake in Let's Encrypt. It is not a reliable CA. Given the times we are in all remote access is broken without HTTPS and a real CA cert.
And why on earth has this been sitting here since Dec 2016. Really... it takes years of dev to get this??
- Chance1775 (Novice)
Are these boards even moderated by NetGear? This was originally posted on 2016-12-15 and nothing????