7643 questions

9073 answers

14631 comments

11999 members

0 votes
120 views 1 comments
by

Hello,

I use ubuntu studio 20.04.2 LTS with Firefox browser. The RUT240’s firmware version is RUT2XX_R_00.01.14.

1. I got some trouble with the CLI of the RUT240. It’s not functional. I got an "MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT" firefox error code.

Just below the CLI, there is an instruction telling to add certificate acceptation to the browser in order to access CLI. So i downloaded the “uhttpd.crt” certificate from the RUT240.

In “preferences”, then “security and privacy”, then “view certificate” , then “Authorities” menus of firefox, i added the certificate. My problem is not solved.

2. In addition, when i accessed the Web UI of the RUT240 (192.168.1.1) using firefox for the first time, i got a security warning and i have to add a security exception by clicking “Accept the risk and continue” in firefox browser. Before the first access to the WebUI of RUT240 using firefox, adding the RUT240 “uhttpd.crt” certificate to firefox don’t solve the problem.

I got an "MOZILLA_PKIX_ERROR_CA_CERT_USED_AS_END_ENTITY" firefox error code.

3. When i click on the "MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT" firefox error code, it's written "The certificate is not trusted because it is self-signed.

HTTP Strict Transport Security: false
HTTP Public Key Pinning: false
"


 

To CONCLUDE, it seems that i got trouble to add certificate acceptation to the browser, or there are some settings to do in "about:config" of firefox, but i'am not an expert. What should i do ?

Thanks for your support,

p { margin-bottom: 0.1in; line-height: 115%; background: transparent }

by

This is not a fix but a workaround that worked for me.

What I found was that the error is not actually for the main site i.e., it is not for "https://(router ip address)/", it is for a specific port on the router "https://(router ip address):42XX". I found this out by clicking on the "Click here to open CLI in new tab" near the bottom. When you receive the error and click the 'Advanced' button, you will find that the problem is with a specific port, here is an example of what I mean:

The trick then is to add an exception to Firefox for that port. You can do this by opening settings, clicking on 'Privacy & Security', scroll down and locate the button 'View Certificates'; click on the button. When the 'Certificate Manager' opens, click on the 'Servers' tab:

Next, click the 'Add Exception' button and copy the URL from the error screen i.e., copy the "(router ip address):42XX" part and paste it into the 'Location' box. Click 'Get Certificate' button and wait for it to grab the certificate - if you get an error it means the the CLI shutdown on that port and so you have to do this within a reasonable amount of time. I recommend having two tabs open, one with the CLI and one with the settings. If it works, ensure the 'Permanently store this exception' checkbox is ticked then click the button 'Confirm Security Exception' button.

The painful part is that the port number is random, this means you have to do this several times to add a whole bunch of exceptions before you can use the CLI properly. I figure eventually I will have them all. The trick here is to simply keep refreshing the CLI tab and you will get a new port number. Eventually however, you will get a repeat and hey presto! I found that closing and then reopening that tab caused it to reuse port numbers more reliably than the refresh but I cannot confirm if that is true or just blind luck.

Hope it works for you and whomever else reads this.

1 Answer

0 votes
by

Hello,

This issue may be related to Firefox or your PC settings. I would recommend reading carefully each step of this detailed guide which explains how to proceed: https://support.mozilla.org/en-US/kb/error-codes-secure-websites

Regards.