Having been bothered by Ubiquiti’s HTTPS certificate issue for years, today I finally find some time to resolve this. There are multiple ways to resolve this, but I’m not able to find a perfect solution on the internet, so I write down my solution here.
I’m not going to use a public domain name, neither will I issue a certificate through a public issuer, for example, letencrypt, which I’ve been vasively used for my public websites. The reason is for me, I don’t want my router to be exposed to the public internet, and the less exposion, the better. Setting up a letsencrypt certificate, most probably I need verify I own this domain name and the server, which means I will reveal my public IP address for my router, and that is not my intension.
With that, I’m going to generate a self signed certificate with a generated CA on a domain name I generated dedicated for my router (router.local). Then I will import my CA to my devices that need to access the router. Finally I’ll redirect my router’s local IP address to a local domain name (router.local).