Skip to main content

Enable HTTPS for WebGUI

To use HTTPS for the RouterOS WebGUI, first we would need to upload a certificate to the RouterOS device. 

Generate a self-sign cert from another place, such as pfSense, Creating Self-Signed Certificate Authority and Certificates, and export it as a .crt and .key file.

Login to the RouterOS webGUI (you may need to login via HTTP for this), then go to Files -> Browse

Screenshot_2024-07-02_005133.png

Upload the .crt and .key file. If sucessful, you should see the file names appear. 

Screenshot_2024-07-02_005223.png

Go to Systems -> Certificate, and click Import

Screenshot_2024-07-02_005325.png

Click on the triangle next to the Name field, and give the cert a name. 

Under File Name dropdown, select the cert file that you have imported previously. 

Click Import when done. 

Screenshot_2024-07-02_005410.png

You will see that the cert has been imported. Repeat the above steps to import the key as well. 

If both cert and key has been sucessfully imported, you will see the letter KT in the first column, indicating that both a key and a cert is impoted to the system. 

Screenshot_2024-07-02_005510.png

Go to IP -> Services. Click on www-ssl

Screenshot_2024-07-02_005550.png

Check the box to Enable the service, and select the SSL cert. Click ok when done. 

Screenshot_2024-07-02_005630.png

Now you can access the device over HTTPS. 

While we are at the IP -> Services page, it is a good idea to disable any unused or unsecure services running on the device, such as FTP and Telnet. 

Screenshot_2025-01-01_232102.png

Back to top