I understand many home users would not care about using https for their iHome, so I am perfectly fine to keep the default as http, but it’s getting more and more common that https is a requirement (see https://www.digicert.com/blog/https-only-features-in-browsers). I got v1.6.0 and it seems to not have any method of using https.
Thus it would be nice to enable https. All it needs is to be able to upload a certificate, or the iHost creates a certificate and presents the CSR, which I can get signed, and then I can upload the signed certificate.
As a simple example how to implement it, look at RouterOS from Mikrotik: upload the private key file and the certificate, and enable https.
Using a front-end as a HTTPS proxy is not the problem: that works, but it’s a hassle and needs either another device or a container acting as a proxy.
At the same time it is not difficult at all to server HTTP and HTTPS. The latter only needs a certificate. Worst case self-signed (untrustworthy but at least encrypted), or the ability to upload your certificate (I want that), or the usual CSR process.
I’m still waiting for that feature. Given that security is a thing we all should care about, it should be mandatory, but at least I am not connecting to the Internet…and when connecting to the Internet, Tailscale and similar are mandatory. Which is why I’d rather have HTTPS built-in.
