Posted: Fri Oct 17, 2014 19:08 Post subject: SSL broken? suddenly no HTTPS config/status page (Buffalo)
I am a bit concerned here: Since the last time I accessed my Buffalo WZR-HP-G450H's config browser interface via https I haven't changed anything in the router settings. Now I get the following error message in firefox and similar messages in other browsers:
Secure Connection Failed
An error occurred during a connection to 192.168.X.X. The key does not support the requested operation. (Error code: sec_error_invalid_key)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
Shell login still works.
However, there are two things which have me a bit puzzled:
1. At the beginning of this month, shortly after I got the 2012 DD-WRT firmware from the Buffalo site and replaced their firmware with it, they exchanged the entry on their download site with a new version. While the date of the entry changed from 2012 to 1st Oct 2014, strangely the version number did not change. I downloaded the file and compared it with the former version, resulting in no differences, and I think that's why I didn't bother to update.
2. Shortly before the last successful browser connection with my router I activated its DDNS functionality (with DynDNS.org)
Am I to be paranoid and assume I got hacked? Or did I simply make a mistake comparing the two firmware packages overlooking a difference, and the "older" firmware contains a revoked ssl certificate or something of the sorts?
I'm not that much of a pundit and I'd be more than happy about some opinions.
Posted: Sun Nov 09, 2014 20:25 Post subject: Key error using https
I tried connecting to my D-Link 835 (DD-WRT v24-sp2 (03/25/13) std - build 21061) for the first time in several weeks today. It had worked perfectly before, but now the bookmark in firefox would no longer connect. I tried chrome and it wouldn't connect either at first, but did give me the option of ignoring the security key error. I use debian linux with real firefox and chrome (not iceweasel and chromium). I assume that both firefox and chrome have recently implemented the same key length requirement as IE.