I love my WAX630, but the self-signed cert it generates doesn't include a "Subject Alternative Name" field, which means even if I import the cert into my computer's Trusted Root CA Store, it still generates a browser error.
Based on having used many, many, other networking devices, what should happen is when I set/change the FQDN on the WAX630 it should regenerate the cert and fill in this field.
Based on having used many, many, other networking devices, what should happen is when I set/change the FQDN on the WAX630 it should regenerate the cert and fill in this field.
Still, these are self-signed certificates and not signed by a trusted CA. The correct FQDN is just a small part to make a certificate trusted.
Unfortunatley, I'm talking against the Chinese Wall requesting the ability to generate a CSR or at least the ability to import a CA-signed certificate and public key pair for almost all Netgear networking devices.
Agree that proper cert signing / install is what I'd really like, but the current "support" is broken to the extent that even manually installing as a trusted CA cert _doesn't_ allow the self-signed cert to be accepted 😞
Self-signed makes impossibly a real trusted certificate. Override or dismiss a browser security warning or whatever other tricks to make them trusted does still not make up a real trust or certificate handling.
Even if the Subject Alternate Name would be customizeable, the certificate won't be trusted - many more factors required.
Trusted certificates must always be signed by a trusted CA. Anything else is c***p.
Netgear switches (at least these supporting https) need a signed certificate, with the trust chain included.
Unfortunately, Netgear isn't ready for prime time when it comes to real world certificate handling.
