Using HTTPS for the web interface

I understand many home users would not care about using https for their iHome, so I am perfectly fine to keep the default as http, but it’s getting more and more common that https is a requirement (see I got v1.6.0 and it seems to not have any method of using https.

Thus it would be nice to enable https. All it needs is to be able to upload a certificate, or the iHost creates a certificate and presents the CSR, which I can get signed, and then I can upload the signed certificate.

As a simple example how to implement it, look at RouterOS from Mikrotik: upload the private key file and the certificate, and enable https.

1 Like

This is already in the works - due to be completed in September


Oh, that’s nice to know. Is there a roadmap what is in the works for upcoming releases? All I know is from which has a roadmap. Is there a more detailed one what’s in progress or what is planned to be delivered in the near future?

@Alexie do you have an update about getting the https feature?
September has gone :slight_smile:


Yes and now so is 2023…
Anybody tried to set HTTPS using Tailscale?

Using a front-end as a HTTPS proxy is not the problem: that works, but it’s a hassle and needs either another device or a container acting as a proxy.

At the same time it is not difficult at all to server HTTP and HTTPS. The latter only needs a certificate. Worst case self-signed (untrustworthy but at least encrypted), or the ability to upload your certificate (I want that), or the usual CSR process.

I’m still waiting for that feature. Given that security is a thing we all should care about, it should be mandatory, but at least I am not connecting to the Internet…and when connecting to the Internet, Tailscale and similar are mandatory. Which is why I’d rather have HTTPS built-in.

If you want https to expose iHost on Internet, you are for sure doing it wrong.

Also, https on internal network, especially that the only thing that might be sensitive is your ihost password, is just a “nice to have”.

Set a Nginx Proxy Manager which will also care about certificates and create several possibilities, its easier than everything else.

1 Like