Removing HTTPS Warnings with Device-Generated Certificates: Difference between revisions
DaumantasG (talk | contribs) mNo edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
=== Summary === | === Summary === | ||
One of the main benefits of HTTPS is that it adds security and trust. It protects users against man-in-the-middle (MitM) attacks that can be launched from compromised or insecure networks. Hackers can use such techniques to steal your sensitive information. Implementing SSL secures any data transmitted between server and browser during a user's session interacting with your device. | One of the main benefits of HTTPS is that it adds security and trust. It protects users against man-in-the-middle (MitM) attacks that can be launched from compromised or insecure networks. Hackers can use such techniques to steal your sensitive information. Implementing SSL secures any data transmitted between server and browser during a user's session interacting with your device. | ||
---- | ----<br> | ||
<br> | |||
To access the device WebUI using HTTPS, a certificate is required; otherwise, the browser will display the following error:<br> | To access the device WebUI using HTTPS, a certificate is required; otherwise, the browser will display the following error:<br> | ||
[[File:https_webui_warning.png|border|class=tlt-border|center]] | [[File:https_webui_warning.png|border|class=tlt-border|center]] | ||
| Line 18: | Line 15: | ||
[[File:Https webui certificates manager.png|border|class=tlt-border|center|1102x1102px]] | [[File:Https webui certificates manager.png|border|class=tlt-border|center|1102x1102px]] | ||
== Applying certificates to the device == | == Applying certificates to the device == | ||
After the certificates are generated, navigate to '''System → Administration → Access Control'''. | After the certificates are generated, navigate to '''System → Administration → Access Control''' and click "'''''Edit'''''" on '''HTTPS''' service. | ||
In the ''' | [[File:HTTPS Access control.png|center|1102x1102px]] | ||
In the '''pop-up window''' make these selections: | |||
#Certificate files from device – ''Enable'' | #Certificate files from device – ''Enable'' | ||
#Server certificate – ''server.cert.pem'' | #Server certificate – ''server.cert.pem'' | ||
#Server key – ''server.key.pem'' | #Server key – ''server.key.pem'' | ||
''Note: make sure you are using previously generated certificates'' | ''Note: make sure you are using previously generated certificates'' | ||
[[File: | [[File:HTTPS Access Control v3.png|center|1022x1022px]] | ||
<br> | |||
== Uploading CA on Windows PC == | == Uploading CA on Windows PC == | ||
The CA certificate must be imported into either the computer's operating system or the web browser.<br> | The CA certificate must be imported into either the computer's operating system or the web browser.<br> | ||
Revision as of 11:10, 17 March 2025
Main Page > General Information > Configuration Examples > Router control and monitoring > Removing HTTPS Warnings with Device-Generated CertificatesSummary
One of the main benefits of HTTPS is that it adds security and trust. It protects users against man-in-the-middle (MitM) attacks that can be launched from compromised or insecure networks. Hackers can use such techniques to steal your sensitive information. Implementing SSL secures any data transmitted between server and browser during a user's session interacting with your device.
To access the device WebUI using HTTPS, a certificate is required; otherwise, the browser will display the following error:
Generating the certificates
Certificates can be generated and signed directly on our device. To do this, navigate to System → Administration → Certificates. In the certificate generation tab, select the following settings:
- File type – Simple
- IP addresses – 192.168.14.1 (the IP address of the Teltonika device)
- Click on the generate button.
After the certificates are generated, you can find them by opening Certificates Manager tab.
In this tab, you will be able to find and download if necessary all of the available certificates in your device altogether with the ones we recently generated.
Applying certificates to the device
After the certificates are generated, navigate to System → Administration → Access Control and click "Edit" on HTTPS service.
In the pop-up window make these selections:
- Certificate files from device – Enable
- Server certificate – server.cert.pem
- Server key – server.key.pem
Note: make sure you are using previously generated certificates
Uploading CA on Windows PC
The CA certificate must be imported into either the computer's operating system or the web browser.
First, download the CA certificate from the "Certificates Manager" on your Teltonika device.
To upload a CA certificate on a WindowsOS based PC follow these steps:
In the device search bar, enter Manage User Certificates and open the service.
Navigate to Trusted Root Certification Authorities → Certificates in the Certificates - Current User tab, then click on Action tab and import your certificate by selecting All tasks → Import.
Uploading certificate to the browser
Another option is to upload the recently generated certificates directly to your browser instead of the PC. For this example, I used Google Chrome.
Start by opening your browser settings by clicking the three vertical dots in the top right corner, then navigate to Settings.
In the opened settings window, click on Privacy and Security→Security→Manage certificates and the certificates pop-up window will appear.
Navigate to the Trusted Root Certification Authorities and import your generated CA certificate.
Once done, restart your browser.
Testing
Once all the steps are completed and the certificate is imported, the warning should no longer appear when accessing your device via WebUI using the HTTPS protocol.
See also
HTTPS Warning Removal With Encrypted Certificate
Noip.com DDNS configuration