Embedded devices, such as routers, IP cameras, generally provide HTTPS access to the admin interface. These HTTPS implementations generally have a lot of problems (non-unique certificates, self-signed certificates, etc.), which make connections insecure. So, I'm looking for best practices, how an embedded device can implement HTTPS in a secure way, which fulfills the following requirements:
- The browser accessing the device via HTTPS (both remotely and from LAN) does not display any warning to the user. Thus the browser is able to validate the certificate sent by the device correctly.
- If the private key of the device was compromised, an attacker should not be able to use this key to perform MitM attack against another device or another web page.
- If it was possible, users should not have to install any certificate or accept any exception in their browsers.