Feature #228
the administrative web interface should be https
| Status: | New | Start date: | 08/16/2011 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | - | % Done: | 0% |
|
| Category: | - | Spent time: | - | |
| Target version: | Cerowrt-Someday |
Description
Although the administrative interface is not reachable from the internet, it would be good for it to be https, as otherwise the root password is exposed over the wire.
The problem with this is that the 'right' way to do it is to generate the cert at first boot, periodically, and every time the main name of the router changes - and regardless of how this is done web browsers generate scary messages on self-signed certs.
History
Updated by Jim Gettys almost 2 years ago
Or we buy a cert up front for cerowrt (gw.home.lan) and throw it away after the password is set. All we care about here is that the password changing be done on an encrypted channel.
Updated by Dave Täht about 1 year ago
- Target version changed from 1st Public Cerowrt release to Cerowrt-Someday