Community Forum

Router login page https certificate is expired

Regular Visitor

Router login page https certificate is expired

Like the post says, I keep getting a warning connection insecure when I try to use https to login to my router. It says comcast's SSL is expired. Also, I would like to shut off the stupid hidden essid that is broadcasting no matter what I do. I have already turned off mobile hotspot on the xfinity page.

Expert

Re: Router login page https certificate is expired

Are you talking about logging in to the gateway device's user interface at 10.0.0.1 ?



I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Regular Visitor

Re: Router login page https certificate is expired

Correct. If I login locally with http i get a notification at the address bar saying the connection isn't secure. If type in https:// I get an entire page warning me that the cert is invalid.
Expert

Re: Router login page https certificate is expired


@hydrosity1 wrote:

Like the post says, I keep getting a warning connection insecure when I try to use https to login to my router. It says comcast's SSL is expired. Also, I would like to shut off the stupid hidden essid that is broadcasting no matter what I do. I have already turned off mobile hotspot on the xfinity page.


You need to use http. Granted, browsers like Chrome will scream bloody murder if you attempt this, but you can scroll down to the page and Proceed Anyway, as this is a local conection and will not compromise your safety. 

If you want an alternate way to manage your network, use Xfinity xFi -  either the Online Version, or download the app from the App Store for iOS or the Google Play Store for Android. 

 

As far as the hidden SSID, what model gateway do you have? If it's the XB6 Advanced Gateway, that hidden SSID is the Home Security subnetwork. It can't be turned off, for obvious reasons. 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Expert

Re: Router login page https certificate is expired


@hydrosity1 wrote:
Correct. If I login locally with http i get a notification at the address bar saying the connection isn't secure. If type in https:// I get an entire page warning me that the cert is invalid.

Why are you using HTTPS ? You don't need it. You are making a local (LAN) connection to the device, not a remote Comcast server. The access address is a private (non-internet routable) one. You never traverse the open internet. The connection is secure. Use HTTP.



I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Regular Visitor

Re: Router login page https certificate is expired

Quite honestly because my kids are sneaky and have managed to lock me out of the router page before. Not like little young kids, but teenage and tweens who know a thing about hacking. Regardless, I should be receiving security errors on my own net.
Regular Visitor

Re: Router login page https certificate is expired

Oh and, it's the TG1682g
Expert

Re: Router login page https certificate is expired

Oh yeah, I know a thing or two about sneaky teenagers. Cat LOL

What you need to secure isn't the connection, but the gateway itself. I imagine you already know to change the default password on the admin account, so the second thing would be to physically secure the gateway, either in a locked, ventilated box or in your bedroom.

Another thing, since you have the XB3 gateway, would be to use Xfinity xFi to manage your network, which you can download from the App Store for iOS or Google Play Store for Android, or use the Online version at https://internet.xfinity.com . You can get alerts if the gateway is rebooted or your network is compromised in any way, and even if your kids reset the gateway you can easily restore the settings you had before.

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Regular Visitor

Re: Router login page https certificate is expired

I have xfi, and I absolutely hate it. It has to be the worst backend routing software I've ever used. Sure its nice to be able to remotely access it with the app, but what it adds in ease if use it lacks in functionality. Anyways, there are some very easy ways using network sniffing tools that you can steal someone's login through regular http connections when you are on the same local net. Hence why I would like to be able to use https. Plus, it's the way of the future. And my 'secure' network ought to not be showing me security errors visiting it's own interface gui. I really would like to upgrade from this awful device but it's so expensive to upgrade. I cant believe they supply and charge for a device that's 5 years old.

My system logs dont even work anymore. Anytime I look the logs are just empty. Anways.. I digress. How can I fix the issues with comcasts old 2015 expired certs?
Expert

Re: Router login page https certificate is expired


@hydrosity1 wrote:
I have xfi, and I absolutely hate it. It has to be the worst backend routing software I've ever used. Sure its nice to be able to remotely access it with the app, but what it adds in ease if use it lacks in functionality. Anyways, there are some very easy ways using network sniffing tools that you can steal someone's login through regular http connections when you are on the same local net. Hence why I would like to be able to use https. Plus, it's the way of the future. And my 'secure' network ought to not be showing me security errors visiting it's own interface gui. I really would like to upgrade from this awful device but it's so expensive to upgrade. I cant believe they supply and charge for a device that's 5 years old.

My system logs dont even work anymore. Anytime I look the logs are just empty. Anways.. I digress. How can I fix the issues with comcasts old 2015 expired certs?

There is no way for the certificte, just use http://. For someone to be sniffing your packets to log into the gateway, they would need to be on your own private network


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Expert

Re: Router login page https certificate is expired


@hydrosity1 wrote:
I have xfi, and I absolutely hate it. It has to be the worst backend routing software I've ever used. Sure its nice to be able to remotely access it with the app, but what it adds in ease if use it lacks in functionality. 


I'm not going to disagree. It's really designed for ease of use more than functionality. If you want a more robust solution, then you really should have your own personal router managing your LAN. 

 

 


@hydrosity1 wrote:
Anyways, there are some very easy ways using network sniffing tools that you can steal someone's login through regular http connections when you are on the same local net. Hence why I would like to be able to use https. Plus, it's the way of the future. And my 'secure' network ought to not be showing me security errors visiting it's own interface gui. I really would like to upgrade from this awful device but it's so expensive to upgrade. I cant believe they supply and charge for a device that's 5 years old.

If an intruder manages to penetrate your network from the inside, very little can be done to mitigate the damage. That's like letting a bull inside your proverbial china shop, then expect to be able to stop him from doing damage. 

Plus, it looks like you don't understand how secure browsing works.  For https to work, the remote site should have a Secure Certificate on file with a proper, validated Certificate Authority. No legitmate CA will issue certificates to a non routable, private internet address such as the one on the Comcast gateway, because those are private, and not facing the internet.  It's presumed that everything you have inside your LAN is secure, just as one  would presume people you allow inside your house are trustworthy. 

 


@hydrosity1 wrote:

My system logs dont even work anymore. Anytime I look the logs are just empty. Anways.. I digress. How can I fix the issues with comcasts old 2015 expired certs?

 

Again, and I'm only going to say this once more: you should use http. 

 

I don't know how I can make myself any more clear than that. 

 

 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Expert

Re: Router login page https certificate is expired


@hydrosity1 wrote:
Anways.. I digress. How can I fix the issues with comcasts old 2015 expired certs?

https://forums.xfinity.com/t5/Your-Home-Network/Router-login-page-https-certificate-is-expired/m-p/3...



I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Regular Visitor

Re: Router login page https certificate is expired

Any idea what the deal with the logs are?
Expert

Re: Router login page https certificate is expired

The logs we can see have not been working for quite some time now.


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!
Regular Visitor

Re: Router login page https certificate is expired

Ok... Any reason why? Is it fixable? Ridiculous that we dont have access to any logs, yet there are so many other features that are emphasized for security and safety.
Regular Visitor

Re: Router login page https certificate is expired

I am having the same issues that the person Posted about here too.
It seems to me that comcast isn't doing there job right. Not only to help customers fully understand what's happening to the devices, connects, ect..

If this many people are having the same issues, then it's a problem comcast needs to fix!
I don't know much about networks, connects, settings, extra an I am only self taught. However, comcast was at my place once again due to issues with wifi , an when speaking with this repair man, an asking him some huge questions, he told me that I've learned enough to beware of my connects, devices, an settings, ect, that he was impressed with the questions I was asking.
I'm with you on wanting the https to be use able an secure. However I understand that it's a private network an that the https:// is usable an fine, however, due to the hacking, dos attacks, ect, it would be wonderful for Comcast to step up on their end an issue a cure for this. Seems that we pay so much each month an getting less an less in return.
I've been with comcast 18yr now, an hate having to call them.
I get one tech person who has no clue then transfers to someone who was also impressed with my questions, an told me that I was asking all the right ones. Which made me concerned more about my security .
Xfinity hotspots. . This tech guy hooked me up with a user name an password to be able to Lock my xfinity hotspot so that users that wanted to connect to my xfinity hotspot wasn't open but had placed a secure username an password. After a long painful 2 hrs on the phone, (at that time I used only wifi to make calls an get calls) the line went dead an I had to again call back. To explain again that I wanted to make sure my xfinity hotspot got fixed to username an password. This tech guy had no clue what I was talking about, an transferred me, this guy told me that there was no way that the tech guy could possible do that for me cause it didn't exist! Comcast tech had no clue what I was talking about but I knew I was right. I got flustered an hung up..

Sorry so Lon but I've been dealing with all these an more issues for over 3 yrs now.
Lady Morgona
Expert

Re: Router login page https certificate is expired


@Local10plus wrote:
I am having the same issues that the person Posted about here too.
It seems to me that comcast isn't doing there job right. Not only to help customers fully understand what's happening to the devices, connects, ect..

If this many people are having the same issues, then it's a problem comcast needs to fix!
I don't know much about networks, connects, settings, extra an I am only self taught. However, comcast was at my place once again due to issues with wifi , an when speaking with this repair man, an asking him some huge questions, he told me that I've learned enough to beware of my connects, devices, an settings, ect, that he was impressed with the questions I was asking.
I'm with you on wanting the https to be use able an secure. However I understand that it's a private network an that the https:// is usable an fine, however, due to the hacking, dos attacks, ect, it would be wonderful for Comcast to step up on their end an issue a cure for this. Seems that we pay so much each month an getting less an less in return.


Again, you cannot use https on a private IP address, for the reasons I gave above.

 

Period.

 

As for your other technical issues, if you require assistance, please start a new thread, as the underlying question on this thread has been asked and answered numerous times.  This thread is now closed. 


I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Mark the post as Best Answer!