Hmm, just tripped over this today, mine seems to have updated 3 days ago. What a kludge!

Summary: Clunky, inelegant, confusing, ineffective and poorly implemented Tidy it up please. If I'd been responsible for this in my IT working life I'd have been mightily embarrassed! 🤢

@HPsauce 

"Summary: Clunky, inelegant, confusing, ineffective and poorly implemented Tidy it up please."

Seemed to go smoothly enough to me! Only snag being the new security requirement to log in to Hub 2 to see or do anything.

If you have an existing browser shortcut to the Hub Manager, change the recorded shortcut link from http://192.168.1.254/ to https://192.168.1.254/

This means you now skip the "Secure Connection Required" warning page and go straight to the Hub 2 Home page as usual. If you then try to open any panel you are asked to log in. You only ever need to log in the once per browser session - presumably even from one session to another if you don't delete cookies on exit.

@pvmb Maybe depends on your browser but Edge gives security warnings that you have to override initially and then displays a warning every time that it's insecure.

@HPsauce 

"Edge gives security warnings that you have to override initially and then displays a warning every time that it's insecure."

I am using Edge and if you follow my previous post you will find, apart from needing to log in per new browser session, there are no warnings. Continuing warnings means you are accessing it via the old http link.

@pvmb I updated my link before your posts. Not even this? 

@HPsauce 

"Not even this?"

Yes, but that doesn't matter: https://www.plus.net/help/hubgui/hub-warning/

Your Plusnet Hub uses a self-signed security certificate to encrypt the connection between your device and the hub. Here’s what that means:

• security certificates are used to prove that a website or device is trustworthy and to encrypt the data sent between your browser and that site or device

• most websites use certificates issued by trusted third-party organisations called Certificate Authorities (CAs), which your browser automatically recognises

• self-signed certificate, like the one used by your Plusnet Hub, is created and signed by the device rather than a third party. Because your browser doesn’t recognise the hub as a trusted authority, it shows a warning, even though the connection is still encrypted and secure

It might even be possible to avoid that with suitable settings in Edge - I don't know. My post was how to avoid the warning pages, along with needing to click multiple times to reach Home, people get because of now using an old http link to the Hub's Home page.

At least this ought to help with log in across browser sessions, even if you normally clear cookies on exit (as I do).

Edge::Settings::Cookies and data stored / Cookies and site data::Allow
"The following sites can save cookies on your device. To prevent these cookies from being cleared on exit, go to Clear browsing data on close."

Add: https://192.168.1.254/

Edge::Settings::Privacy, search, and services / Clear browsing data on close::Cookies and other site data::Don't clear
"Cookies for the following sites won't be cleared when you close the browser."

Add: https://192.168.1.254/

...Now tested. Seems to work!

...Also noticed I previously elected to have "turned off warnings" in browser https security warning link - likely reason I don't get warning pages?

Have now downloaded the Hub 2's certificate: bthomehub.home

Issuer:
emailAddress = ********@bt.com
CN = BT Hub CA
O = British Telecommunications plc
L = London
ST = London
C = GB

- Possibly import it to MS Certificate store under "Others"?

This is getting complicated now. 🤔

You should only need to accept the browser warning once, as once it's been accepted it would added to the Certificate Exceptions list.

Providing your browser is not configured to clear these on close, then you shouldn't be prompted again (until the Certificate is changed).  Also as mentioned above, if you've got a bookmark saved, update to it HTTPS to bypass the GUI warning/splash screen.

Is there any changelog what this new firmware provides?
v0.11.01.11071-PN

Over the past couple of days several devices around my home lost internet / wifi connectivity and needed refresh  / restart
I went to check if something had changed and the browser had forgotten the password and that's when I noticed that the password was saved under http://192.168.1.254
Anyway noticed some different fonts in the UI and found that the firmware is updated and that all corresponds to the connectivity issues.

Any new features or improvements in the new firmware?

---

@andyleonard wrote:

My Plusnet Hub 2 suddenly started forcing me to use https to access the web interface. 

---

I posted this in another thread HERE ... My Chrome browser doesn't like accessing an https site with the IP address and wants a domain name ... sorry if I am not supposed to repeat it:

---------------------------

I have had problems for ages trying to get a secure local connection to my Synology router...  This thread peaked my interest again and I re-tried setting up a self-signed certificate and new link on my desktop... no luck - kept getting the warning and insecure website message.

Then I tried googly what's wrong with my web page https connection - it said I shouldn't try connecting to a local IP address but instead use a domain name set up in the hosts file.  So I edited my hosts file - added "192.168.1.1  MyRouter" and change my desktop link to point to https://MyRouter/  ... Low and behold it sprang into life and worked....   Not sure if it's a Chrome specific issue, but it appears to be working on my local network now with a secure encrypted connection to my router.

Not really sure it's directly related but just in case it helps anyone.

I generally don't use my Hub2 router, just kept in a cupboard for diagnostic purposes if needed.  So have not tried it on a hub2 yet.

---

@bakerboy83 wrote:

You should only need to accept the browser warning once, as once it's been accepted it would added to the Certificate Exceptions list.

I believe I stopped the warning pages by choosing to "turn off security warnings for this site" at the drop down from the "Not secure"/"Added security" box next to the browser site link address. I use a somewhat elderly version of Edge, not Firefox, so it is rather different for me. I don't see a "Certificate Exceptions list". But I saw this on line:

https://learn.microsoft.com/en-us/answers/questions/262360/where-to-find-certificate-exceptions-for-...

"If you navigate to edge://settings/privacy and you will see Manage certificates and in this place under Personal tab you will see list of certificate where you added and it is your customized certificates."

I imported the Hub 2 certificate in Windows 'Automatically' and it put it into 'Other People' (for all the difference it makes).
Would it change anything if I moved it to 'Personal', 'Untrusted Publishers', does it really matter?

Providing your browser is not configured to clear these on close, then you shouldn't be prompted again (until the Certificate is changed). 

---

And, if you do clear cookies on exit, then for Edge -

Edge::Settings::Privacy, search and services / Clear browsing data on close::Cookies and other site data::Don't clear
Add: https://192.168.1.254

But doesn't survive a PC/Windows reboot, you will need to log in at least once after that.