How to (safely) enable HTTPS LuCI with HTTPS authentication?

@jow Thanks a lot for your patience!
For a moment I thought I was the one and only dumb one here, as it seemed to me that other people were getting proper behaviour...

Bugs happen. I volunteer, at your will, for testing, though.

I looked at this post, and it is not done at this time (more than 2 years later).
In default OpenWrt, in LuCI, there is no section to enable or disable HTTPS and generate the cert by autogeneration, import a cert, or use Let's Encrypt.

It is a big problem.

It's not - and @hnyman has patiently explained to you why, and which steps to take if you do want to change it for your system.

mbedtls/openssl/wolfssl are huge on lower-end devices, so large that preinstalling them by default would be a disservice to their users (no image at all).

Furthermore, OpenWrt can't guess the settings for the SSL certificate (location, organization, etc.), as most devices (none) don't have GPS, and IP-based geolocation is a) huge, b) proprietary, c) in many cases not available until the user has accessed LuCI already to configure the WAN connection. Only offering self-signed HTTPS would be rather newcomer unfriendly as well, considering how hard modern browsers discourage them.

Yes, letsencrypt/acme is also possible, but this a) requires a paid domain, b) needs configuration for said domain and c) doesn't really work reliably in practice (even ignoring the chicken and egg problem; yes, I've tested -and abandoned- this).

So really, no need to make a drama out of this - there is no better solution (but we're all ears if you come up with a constructive alternative that actually works and fits into small devices).

Edit: stop spamming your rant to any remotely related thread, it's not helpful.

4 Likes

[TANGENT]
It also is unreliable, and should not be used for anything important... (with ISPs that dynamically re-use IP addresses among their users, a router's position can apparently jump around quite a lot, sometimes even crossing over into other states/countries)...
[/TANGENT]

1 Like

Hi, if I were to use two different ports, how do I add auth to that specific port having the web server?

config uhttpd 'web1'
	list listen_http '0.0.0.0:80'
	list listen_http '[::]:80'

config uhttpd 'web2'
	list listen_http '0.0.0.0:8089'
	list listen_http '[::]:8089'

I have these two, and when I use

config httpauth prefix_user
	option prefix /protected/url/path
	option username user
	option password 'plaintext_or_md5_or_$p$user_for_system_user'

it applies to both ports.

I want to apply it to a specific port, how can I achieve that?