How to securely log in to gateway

Issue: When I log in to my 7268C gateway via IP address, e.g. 192.168.86.21, the browser indicates that it is not a secure connection. How do I make the login use https so that when I enter the password it isn’t sent in the clear?

Setup: I’ve got a RAK7268C connected to my home wifi network. By looking at the devices connected to my wifi router, I can determine the IP address of the 7268C gateway. I then enter that IP address in the browser which takes me to the 7268C login screen, where I enter the assigned password for my 7268C.

Since the browser indicates that the connection isn’t secure, isn’t my password being sent in the clear? If this is true, is there a setting I can enable on the 7268C that will make it so that I can securely log in to the 7268?

Server:

Details:
When I look in the online product manual at the URL below, it indicates that the login mechanism is http rather than https.

Hello @dangermikeb ,

Is that V1 or V2 gateway? Also, may I ask what is your use case scenario/security concern?

Best Regards,
Nikola Semov

Hi @Nikola ,
It’s a V2 gateway. The reason I asked this question is because I was thinking that if someone was monitoring IP traffic on my wifi network at the time I logged in to the gateway, they would be able to see the password that I used to log in to the gateway.

What got me to thinking about this was an incident that happened last week when my business partner was setting up a gateway for deployment at a customer site. In setting up the gateway he had forgotten to enable encryption when configuring the Wireless Access Point. I noticed this when I happened to scan WiFi networks and saw that the gateway was broadcasting an open WiFi network. I helped him to enable WPA2-PSK, but in doing so, noticed that the login to the gateway to get to the Wireless Access Point settings wasn’t occurring over a secure connection.

Hi @dangermikeb,

The certificate used in WisGateOS is self-signed by RAK. As it is not issued by a trusted CA, browsers automatically reject it. Even if the certificate is self-signed, HTTPS still provides encryption. So, when you accept the certificate in your browser (typically there’s an “advanced” or “proceed anyway” option), your connection will still be encrypted and secure against eavesdropping.

Thank you for the explanation, Todor.
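
An added example, not part of the thread and not RAK's code: a self-signed certificate has no CA chain for a browser or script to validate, so one way to confirm that later connections reach the same gateway is to record the certificate's SHA-256 fingerprint on first contact and compare it on every later connection. Port 443, the pin-file name and all function names here are assumptions.

```python
import hashlib
import hmac
import json
import socket
import ssl
import tempfile
from pathlib import Path


class PinMismatch(Exception):
    """The certificate presented differs from the one recorded earlier."""


def fetch_cert_der(host: str, port: int = 443, timeout: float = 5.0) -> bytes:
    """Return the gateway's certificate (DER) without CA validation."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # must be disabled before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE  # self-signed: trust is decided by the pin
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def fingerprint(der: bytes) -> str:
    """SHA-256 over the DER bytes, the value browsers show as the fingerprint."""
    return hashlib.sha256(der).hexdigest()


def check_pin(store: Path, host: str, der: bytes) -> str:
    """Record the fingerprint on first use; afterwards require an exact match."""
    pins = json.loads(store.read_text()) if store.exists() else {}
    seen = fingerprint(der)
    known = pins.get(host)
    if known is None:
        pins[host] = seen
        store.write_text(json.dumps(pins, indent=2))
        return "pinned"
    if hmac.compare_digest(known, seen):
        return "match"
    raise PinMismatch(f"{host}: expected {known}, got {seen}")


if __name__ == "__main__":
    # Offline demo with constructed bytes standing in for a certificate.
    # Real use: der = fetch_cert_der("192.168.86.21")
    store = Path(tempfile.mkdtemp()) / "gateway_pins.json"
    der = b"constructed-sample-certificate"
    print(check_pin(store, "192.168.86.21", der))  # first contact
    print(check_pin(store, "192.168.86.21", der))  # same certificate again
```

A `PinMismatch` on a later run means the gateway presented a different certificate than the one first recorded, which is the point to stop before entering the password.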
