Difference between revisions of "Removing of HTTPS security warning"
From Teltonika Networks Wiki
PauliusRug (talk | contribs) |
|||
| (38 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | For accessing the device WebaUI using HTTPS it requires a certificate, else it will show the below error: | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | For accessing the device WebaUI using HTTPS it requires a certificate, else it will show the below error: | ||
[[File:16.png|left|alt=|border]] | [[File:16.png|left|alt=|border]] | ||
| − | In this example, we will be able to access the device webpage using | + | In this example, we will be able to access the device webpage using HTTPs, with a free certificate from a free CA. |
| − | == <big>Certificate creation and trust</big> == | + | == <sup>'''<u><big>Certificate creation and trust:</big></u>'''</sup> == |
1. You must have a DNS record linked to the IP of the router; in my case, I’m using a Windows server to act as a DNS server. | 1. You must have a DNS record linked to the IP of the router; in my case, I’m using a Windows server to act as a DNS server. | ||
| − | As shown, I choose | + | As shown, I choose a hostname '''rut955.teltonika.uae''' and it's linked with '''172.16.16.1''' the LAN IP of the router. |
This hostname will be used for creating the certificate later. | This hostname will be used for creating the certificate later. | ||
| Line 23: | Line 14: | ||
3. Fill in the information regarding your requirements: | 3. Fill in the information regarding your requirements: | ||
[[File:Getacert1.png|center|alt=|border|1102x1102px]] | [[File:Getacert1.png|center|alt=|border|1102x1102px]] | ||
| − | '''NOTE:''' 1,2 and 3 are the names you | + | '''NOTE:''' 1,2 and 3 are the names you want to use in the browser. |
Other information isn’t mandatory. Click '''Next Page'''. | Other information isn’t mandatory. Click '''Next Page'''. | ||
| Line 32: | Line 23: | ||
5. The final page: | 5. The final page: | ||
[[File:Getacert3.png|center|alt=|border|1102x1102px]] | [[File:Getacert3.png|center|alt=|border|1102x1102px]] | ||
| − | + | ||
| + | |||
6. Click on (+) beside '''Open Private Key''': | 6. Click on (+) beside '''Open Private Key''': | ||
[[File:Getacert4.png|center|alt=|border|1102x1102px]] | [[File:Getacert4.png|center|alt=|border|1102x1102px]] | ||
| Line 38: | Line 30: | ||
Copy the text to a new Notepad file, and rename it to '''name.crt''' in my case I used a simple name '''cer.crt''' | Copy the text to a new Notepad file, and rename it to '''name.crt''' in my case I used a simple name '''cer.crt''' | ||
| − | + | ||
7. Click on (+) beside Open Public Key: | 7. Click on (+) beside Open Public Key: | ||
[[File:Getacert5.png|center|alt=|border|1102x1102px]] | [[File:Getacert5.png|center|alt=|border|1102x1102px]] | ||
| Line 44: | Line 36: | ||
Copy the text to a new Notepad file, and rename it to '''name.key''' in my case I used a simple name '''key.key''' | Copy the text to a new Notepad file, and rename it to '''name.key''' in my case I used a simple name '''key.key''' | ||
| − | + | ||
8. Click on the [.p12] file, and it will be downloaded: | 8. Click on the [.p12] file, and it will be downloaded: | ||
| − | [[File:Getacert6.png|center|alt=|border|1102x1102px]] | + | [[File:Getacert6.png|center|alt=|border|1102x1102px]] |
| − | + | ||
| + | |||
9. Go to the Microsoft search bar and type: '''cer''' then choose Manage user certificates: | 9. Go to the Microsoft search bar and type: '''cer''' then choose Manage user certificates: | ||
[[File:Windows1.png|center|alt=|border]] | [[File:Windows1.png|center|alt=|border]] | ||
| − | + | ||
10. Go to Trusted Root Certification Authorities: | 10. Go to Trusted Root Certification Authorities: | ||
[[File:Windows2.png|center|alt=|border|1102x1102px]] | [[File:Windows2.png|center|alt=|border|1102x1102px]] | ||
| − | + | ||
| + | |||
11. Right-click and highlight '''All Tasks''', click '''Import…'''[[File:Windows3.png|center|alt=|border|1102x1102px]] | 11. Right-click and highlight '''All Tasks''', click '''Import…'''[[File:Windows3.png|center|alt=|border|1102x1102px]] | ||
| − | |||
| − | 12. Choose the | + | 12. Choose the .p12 file downloaded before: |
[[File:Windows4.png|center|alt=|border]] | [[File:Windows4.png|center|alt=|border]] | ||
| − | |||
| − | == <big> | + | Then '''Next''', then '''Next''', then '''Finish'''. |
| + | |||
| + | == <sup>'''<big><big><u>RUT configuration:</u></big></big>'''</sup> == | ||
| + | The final part: | ||
Go to '''System''' → '''Access Control''' → '''WEBUI''' | Go to '''System''' → '''Access Control''' → '''WEBUI''' | ||
1) Turn off '''Certificate files from device'''. | 1) Turn off '''Certificate files from device'''. | ||
[[File:RUT1.png|center|alt=|border|1102x1102px]] | [[File:RUT1.png|center|alt=|border|1102x1102px]] | ||
| + | |||
2) Click browse in '''Server certificate''' and choose the [.crt] file created. | 2) Click browse in '''Server certificate''' and choose the [.crt] file created. | ||
| Line 77: | Line 73: | ||
4) Click '''SAVE & APPLY'''. | 4) Click '''SAVE & APPLY'''. | ||
| − | <sup><big> | + | |
| − | < | + | <sup>'''<big><big>Open the WebUI again using the DNS record:</big></big>'''</sup> |
| − | |||
[[File:Windows done.png|center|alt=|border|1102x1102px]] | [[File:Windows done.png|center|alt=|border|1102x1102px]] | ||
| − | Now we can access the WebUI securely, and we can turn | + | '''<big>Now we can access the WebUI securely, and we can turn of the HTTP access.</big>''' |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
Revision as of 13:31, 2 November 2022
Main Page > General Information > Configuration Examples > Router control and monitoring > Removing of HTTPS security warningFor accessing the device WebaUI using HTTPS it requires a certificate, else it will show the below error:
In this example, we will be able to access the device webpage using HTTPs, with a free certificate from a free CA.
Certificate creation and trust:
1. You must have a DNS record linked to the IP of the router; in my case, I’m using a Windows server to act as a DNS server.
As shown, I choose a hostname rut955.teltonika.uae and it's linked with 172.16.16.1 the LAN IP of the router. This hostname will be used for creating the certificate later.
2. Go to: GetAcert website.
3. Fill in the information regarding your requirements:
NOTE: 1,2 and 3 are the names you want to use in the browser. Other information isn’t mandatory. Click Next Page.
4. Check the data once again, if everything is okay click Submit self-signed Certificate:
5. The final page:
6. Click on (+) beside Open Private Key:
Copy the text to a new Notepad file, and rename it to name.crt in my case I used a simple name cer.crt
7. Click on (+) beside Open Public Key:
Copy the text to a new Notepad file, and rename it to name.key in my case I used a simple name key.key
8. Click on the [.p12] file, and it will be downloaded:
9. Go to the Microsoft search bar and type: cer then choose Manage user certificates:
10. Go to Trusted Root Certification Authorities:
11. Right-click and highlight All Tasks, click Import…
12. Choose the .p12 file downloaded before:
Then Next, then Next, then Finish.
RUT configuration:
The final part: Go to System → Access Control → WEBUI
1) Turn off Certificate files from device.
2) Click browse in Server certificate and choose the [.crt] file created.
3) Click browse in Server key and choose the [.key] file created.
4) Click SAVE & APPLY.
Open the WebUI again using the DNS record:
Now we can access the WebUI securely, and we can turn of the HTTP access.
