Accessibility Resource Center
Skip to main content
Shop
Shop
-
Shop all
- Deals Deals
- Devices Devices
-
Accessories
Accessories
Accessories
- Shop all accessories
-
Phone accessories
Phone accessories
Phone accessories
-
Tablet accessories
Tablet accessories
Tablet accessories
-
Watch accessories
Watch accessories
Watch accessories
- Charging
- Audio
- Gaming
- Smart home
- Deals
-
Plans
Plans
Plans
- Shop all plans
- Unlimited
- International services
- Connected devices
-
Those who serve
Those who serve
Those who serve
- Student plans
-
Other plans
Other plans
Other plans
- Bring your own device
- Home Home
- Prepaid Prepaid
-
+play
-
+play
- Entertainment Entertainment
-
Apps & add-ons
Apps & add-ons
Apps & add-ons
-
Business
Why Verizon
Support
Support
Choose your cart
Choose your cart
Have a phone you love? Get up to $500 when you bring your phone. OR get iPhone 13, on us for a limited time. With Select 5G Unlimited plans. Buy now
Receive up to $504 promo credit ($180 w/Welcome Unlimited, $360 w/ 5G Start, or $504 w/5G Do More, 5G Play More, 5G Get More or One Unlimited for iPhone plan (Welcome Unlimited and One Unlimited for iPhone plans can't be mixed w/other Unlimited plans; all lines on the account req'd on respective plans)) when you add a new smartphone line with your own 4G/5G smartphone on an eligible postpaid plan between 2/10/23 and 4/5/23. Promo credit applied over 36 months; promo credits end if eligibility requirements are no longer met.
$699.99 (128 GB only) device payment purchase or full retail purchase w/ new smartphone line on One Unlimited for iPhone (all lines on account req'd on plan), 5G Start, 5G Do More, 5G Play More or 5G Get More plan req'd. Less $699.99 promo credit applied over 36 mos.; promo credit ends if eligibility req’s are no longer met; 0% APR.
end of navigation menu
Sign in
- Verizon Community
- Categories
- Home
- Products
- Home Internet (Fios and High Speed)
- Logging into Router Using HTTPS
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
1,214 Members online 255K Discussions 42.3K Solutions
More Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Correct answers are available for this post.
Jump to solution.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just got off the phone with Verizon tech and had a very strange reaction to my request for connecting securely to my router using HTTPS. She said that if I can connect using the 192.168.1.1 address, it was not Verizon's problem.
Maybe I'm misunderstanding but I thought my connection to the router was supposed to be done using HTTPS which cannot be accomplished using an IP address. Certificates are only issued to named domains. Verizon packages the router cert as part of the router and allows secure connections using the https://myfiosgateway.com.
I am unable to connect using that address. I can connect by IP and by named address as long as I'm using HTTP. Not being able to use HTTPS implies an insecure element within the router's web UI. It could be something as trivial as an image tag or as vulnerable as a script reference. The point is: I DO NOT HAVE A SECURE ROUTER CONNECTION. This is important to me due to past hacking activity.
Is it possible to talk to a Verizon agent who understands the difference between HTTP and HTTPS and can assist me in obtaining a secure connection? Currently, when trying to establish a secure connection, I get the warning:
Your connection is not private
Attackers might be trying to steal your information from myfiosgateway.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_AUTHORITY_INVALID
and so on. This is not acceptable to me but is totally fine with at least the last Verizon support agent that I spoke with. How can this be?
Thanks,
Mike
Solved! Go to Correct Answer
1 Solution
Correct answers
Correct answers are available for this post.
Jump to solution.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Browsers consider the self-signed certificates the routers generate as unsecure, for the sheer fact that they are self signed. Self Signed certificates are typically used in man in the middle attacks. They do have valid uses, however. For example, your router likely doesn't have the means to sign certificates for the IP Address "192.168.1.1" or address "myfiosgateway.com" with a valid certificate authority.
Typically, to get an SSL Certificate with a valid authority, you need to have a unique address. For example, you need to own a public IP Address and show proof through WHOIS Records and by hosting resources. The same goes for domains. You also may have to pay for the certificate. A ceritificate authority will never issue certificates for addresses like 192.168.1.1 because they are non-unique and cannot be made personally identifiable.
Hope that makes sense. The Verizon support technician would be right in this case - nothing to worry about. Trust your router's self signed certificate, and you'll know if a firmware upgrade happens or if the router gets swapped/compromised, when it's signature changes.
Keep in mind too. Verizon would not package a real certificate into the firmware, because it would be trivial to lift the private key from the firmware blob. Doing so would be a security issue.
Correct answers are available for this post.
Jump to solution.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Browsers consider the self-signed certificates the routers generate as unsecure, for the sheer fact that they are self signed. Self Signed certificates are typically used in man in the middle attacks. They do have valid uses, however. For example, your router likely doesn't have the means to sign certificates for the IP Address "192.168.1.1" or address "myfiosgateway.com" with a valid certificate authority.
Typically, to get an SSL Certificate with a valid authority, you need to have a unique address. For example, you need to own a public IP Address and show proof through WHOIS Records and by hosting resources. The same goes for domains. You also may have to pay for the certificate. A ceritificate authority will never issue certificates for addresses like 192.168.1.1 because they are non-unique and cannot be made personally identifiable.
Hope that makes sense. The Verizon support technician would be right in this case - nothing to worry about. Trust your router's self signed certificate, and you'll know if a firmware upgrade happens or if the router gets swapped/compromised, when it's signature changes.
Keep in mind too. Verizon would not package a real certificate into the firmware, because it would be trivial to lift the private key from the firmware blob. Doing so would be a security issue.
Follow Verizon
Follow Verizon Fios