Does it help getting encrypted https (without self signed cert error) on my local router ? 192.168.0.1 being an example login page.
replies(6):
- get a domain name (foo.com) and get certificates for *.foo.com
- run a DNS resolver that maps a.b.c.d.foo.com (or a-b-c-d.foo.com) to the corresponding private IP a.b.c.d
- install the foo.com certificate on that private IP's device
then you can connect to devices in your local network via IP by using https ://192-18-1-1.foo.com
Since you need to install the certificate in step 3 above, this works better with long-lived certificates, of course, but aotomation helps there
Then I realised that when my internet was down, 192-18-1-1.foo.com wouldn't resolve. And when my internet is down is exactly when I want to access my router's admin page.
I decided simply using unencrypted HTTP is a much better choice.
Just add a local DNS entry on your local DNS server (likely your router).
Or I could just use HTTP, or a self-signed certificate. If an attacker intercepts traffic on twenty feet of ethernet cable in my home's walls, I've probably got bigger problems than protecting my router admin password.