Your connection is not private

Arslankhan · March 24, 2026, 12:35pm

Whenever I log in to OpenWrt, a “Your connection is not private” message appears. Can someone tell me where to disable this private connection?

frollic · March 24, 2026, 12:48pm

don't use https or use a valid (= not self signed) cert.

add the invalid cert to your browser's white list (if one exists).

eduperez · March 24, 2026, 12:50pm

15.15.15.1 is not a valid private address.

Arslankhan · March 24, 2026, 12:50pm

If I uncheck this option, will the issue be resolved?

frollic · March 24, 2026, 12:51pm

that, plus use HTTP instead of HTTPS.

Arslankhan · March 24, 2026, 12:53pm

How can HTTP be added in OpenWrt? Please guide me a little.

frollic · March 24, 2026, 12:54pm

Arslankhan · March 24, 2026, 1:04pm

Thank u its working

hex · March 24, 2026, 3:03pm

For the benefit of future users who may stumble upon this topic, be aware that disabling HTTPS and forcing HTTP will remove all encryption for traffic between your device and the router's webserver. This may or may not matter for your network, but do be aware that it is now technically possible for any device in your network to eavesdrop on your entire web interface sessions, intercept your web interface credentials, and even send requests to the router while impersonating as your authenticated device. If you cannot trust all devices in your network whenever you use the web interface, always prefer HTTPS.
It is possible to create a CA and make it sign certificates for all your local servers, so that you can install that CA's certificate on your device and that warning will disappear. That process is much more involved though, and may not be secure if you fail to keep the CA's private key private.
The recommended solution for this problem is really, as frollic suggested, to whitelist that certificate in your browser if that's possible. Your browser will not be warning about insecure connections that way, which some browsers may still do for HTTP connections.
Even ignoring the warning while keeping HTTPS enabled should be preferred to forcing HTTP. Whatever risk that may arise from clicking on "proceed anyway" (after clicking on Advanced) each time will also be present by forcing HTTP, and the packets will be encrypted instead of being free for all to see like with HTTP. Again, it may not matter in your network, but at least be aware of the risks in case things change in the future.

TLDR: Keep the default settings, ignore the warnings, and click on Advanced -> Proceed anyway each time if you really don't want the trouble of fumbling with certificates.

lleachii · March 24, 2026, 3:35pm

Just to add on to the other user - this is because OpenWrt generates a self-signed certificate upon first boot. Because it's self-signed, it's obviously not listed with a public Certificate Authority. After you verified the serial number of your cert, you can safely skip this warning.

hex · March 24, 2026, 7:37pm

That's a good advice, but if you're comparing values anyway, compare the SHA256 fingerprint of the certificate instead. Certificates from different CAs can have the same serial number, so you can still fall for MITM attacks if you only check the serial.

Arslankhan · March 25, 2026, 5:53am

Okay, thank you. You guided me very well.

Arslankhan · March 25, 2026, 5:56am

Thanks all . for suggestions me.

system · April 4, 2026, 5:56am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.