quick menu

Certificate Error, Router home page hacked? (192.168.1.1)

Certificate Error, Router home page hacked? (192.168.1.1)

SOLVED
Reply
Contributor user3712
Contributor
Posts: 1
Registered: ‎03-24-2019
Message 31 of 62
(1,854 Views)

When I try to access my router settings via myfiosgateway.com, I can't get past the certificate warning.

 

When I tell my browser (Firefox) to add an exception, it just shows the same certificate warning (screenshot below).

 

2019-03-24 18_15_10-Insecure Connection.png

 

I have also tried it with Edge and Internet Explorer. Same problem.

 

I have been able to access my router settings in the past without issue. Thank you,.

Nickel Contributor
Nickel Contributor
Posts: 75
Registered: ‎12-28-2011
Message 32 of 62
(1,709 Views)

 

It is outrageous that Verizon does not have the correct certificates for our accessing our routers.

This is a security issue for all of us - inflicted by Verizon.

Why has this not been fixed?

 

Highlighted
Contributor jnv11
Contributor
Posts: 3
Registered: ‎03-30-2019
Message 33 of 62
(1,681 Views)

It is impossible to generate and push a certificate that will satisfy browsers by design of the certificate system. The best that Verizon can do is self-signed certificates or plain HTTP without any encryption.

Nobody can generate certificates with a public and private key pair that is signed by a certificate authority and distribute the private key without the certificate getting revoked. If Verizon generated a public and private key pair, got the pair's certificate, and then distributed only the public key, the routers cannot authenticate themselves to the users because they lack the private key needed to authenticate themselves, causing browsers to permanently abort any connection attempts because the browsers will believe that the server is an impostor. If Verizon did the same thing except that it distributed both the private and public keys, the certificate authority will be required to revoke the certificate as soon as it discovers that the private key was distributed to entities outside of the organization's control because distributing the private key causes it to legally be considered compromised, causing browsers to permanently abort any connection attempts because the browsers will learn to immediately distrust anything signed with that certificate if they check the certificate's revocation status with the Online Certificate Status Protocol (OCSP). A self-signed certificate allows encryption, but causes browser warnings that can be bypassed due to the inability of the browser to positively or negatively authenticate the server. Using plain HTTP will cause some browsers to show warnings that the form is not secure.

The only way for this to be possible is for each user to buy their own domain, generate their own private and public key pair, get a security certificate with the key pair and the domain, and upload the certificate, the private key, and the domain to the router.

In short, what you desire is impossible for Verizon to do by design of the certificate system.

Nickel Contributor
Nickel Contributor
Posts: 75
Registered: ‎12-28-2011
Message 34 of 62
(1,673 Views)

Jnv11 -- Thanks very much for your detailed and informative response.

A few things:

First, it is deplorable that a VZ FIOS staffer has NOT responded here to our concerns. 

Second, I understand from your explanation that a more convenient certificate-related solution to this problem is impossible.  But this problem is new.  Two months ago, none of us had any difficulty logging in to our Quantum G1100 routers - we just went to 192.168.1.1 and entered our passwords.  What happened?

Many thanks.

Contributor jnv11
Contributor
Posts: 3
Registered: ‎03-30-2019
Message 35 of 62
(1,627 Views)

My guess is that Verizon wanted to deal with the browser warnings that HTTP login is insecure. It went to self-signed certificates as the least bad option to allow the login to be encrypted.

Nickel Contributor
Nickel Contributor
Posts: 75
Registered: ‎12-28-2011
Message 36 of 62
(1,618 Views)

jnv11 - Verizon has made a mess here.

None of us had any warnings or error messages before this recent change - we had no difficulty logging in to 192.168.1.1.

It is only now that we get confusing error messages about certificates, and some folks here cannot log in at all.

Vz has hurt its paying customers - let's not make any excuses for its bad move here.

 

Contributor sfc3lfr
Contributor
Posts: 1
Registered: ‎04-01-2019
Message 37 of 62
(1,535 Views)

Same issue with the certificate. I did a hard reset, but still could not get into the system. Tried with my Android phone over wifi and it let me in! Desktop is Win 10 x64.  Hope this helps someone else.

Silver Contributor V Silver Contributor V
Silver Contributor V
Posts: 1,037
Registered: ‎06-24-2018
Message 38 of 62
(1,525 Views)

@user3712 wrote:

When I try to access my router settings via myfiosgateway.com, I can't get past the certificate warning.

 

When I tell my browser (Firefox) to add an exception, it just shows the same certificate warning (screenshot below).

 

2019-03-24 18_15_10-Insecure Connection.png

 

I have also tried it with Edge and Internet Explorer. Same problem.

 

I have been able to access my router settings in the past without issue. Thank you,.


I get the same error but I click Advanced then it will give you a link to proceed to the router. 

Contributor stepal
Contributor
Posts: 1
Registered: ‎10-26-2011
Message 39 of 62
(1,463 Views)

These suggestions do not work for folks with up-to-date browsers. For Firefox 66 when you click Advanced and then click Accept the Risk and Continue it cycles right back to the original warning. Verizon has broken it so we can no longer log in to our own routers. VERIZON PLEASE FIX THIS ASAP!

Silver Contributor V Silver Contributor V
Silver Contributor V
Posts: 1,037
Registered: ‎06-24-2018
Message 40 of 62
(1,456 Views)
 wrote:

These suggestions do not work for folks with up-to-date browsers. For Firefox 66 when you click Advanced and then click Accept the Risk and Continue it cycles right back to the original warning. Verizon has broken it so we can no longer log in to our own routers. VERIZON PLEASE FIX THIS ASAP!

I can access the router on an iPhone and iPad on Safari. Also Chrome on a Galaxy Note 8. All three are up to date. 

How-To Videos
 
The following videos were produced by users like you!
   
Videos are subject to the Verizon Fios Community Terms of Service and User Guidelines and contains content that is not created by Verizon.



Verizon Troubleshooters
Unable to find your answer here? Try searching Verizon Troubleshooters for more options.
 

My Verizon

  • Add or Change Plan
  • Suspend My Service
  • Apps

Support

Watch Fios