With the default settings in uhttpd and the generated self-signed cert with the normal defaults, Firefox just needs an exception to be defined the first time you connect to the router, and the warnings quiet down.
You define an exception by saying that you trust the certificate the router generated for you a few seconds ago, and you are ok to go.
If you want a public cert, you also need a public DNS name etc. (at least DDNS connectivity).
Normally the web server for LuCI is only exposed to the LAN side, not to the internet on the WAN, as pretty much all traffic from the WAN is blocked by the firewall, so there aren't that many attack vectors.
No idea why @trendy decided to discourage from installing uhttpd. It is not a large commercial http server, but on the other hand, its functionality is limited, so the exposed functional attack surface would be limited in any case.
Ps. Note that trendy was talking about exposing the webserver to internet, not about using it just in the local LAN, like most of us do.