Firmware update 8.0.1 hanging in SOHO MK3

I used the in-app update firmware feature–after downloading config–to update from 8.0.0 to 8.0.1. It got to 79% after a few minutes, and remained there for another fifteen minutes. Internet returned, but I have no idea if the update finished. I refreshed the browser page of the admin app, and now for Firmware, it just shows a cycling icon, as if still in progress. Unsure what to do. When I try to go to other modules of the admin, it says it will go over an unencrypted “captive-content…peplink…” cert. Any ideas are appreciated, thanks.

Eventually I received my configured email notification that the router had started again, and it showed as the updated firmware. No further need to investigate.

How long did the process take?

I seem to have had a similar experience to ericm (i.e., hanging at 79%, Internet does now function, browser refresh ran into problems, but no “configured email notification” – I’m not sure I’d set up email notification for firmware updates, however).

But I’m still left with a major problem, after perhaps an hour: I no longer can load the router’s admin app in the browser (Firefox 70.0.1 64-bit). Instead I get a “Warning: Potential Security Risk Ahead” and “[Firefox] did not continue to [internal network IP address of router]”. It’s complaining that the security certificate is invalid (Error code: SSL_ERROR_BAD_CERT_DOMAIN); that it’s valid only for captive-portal.peplink.com, www.captive-portal.peplink.com

I see that the SSL Client Certificate is issued by Go Daddy Secure Certificate Authority - G2… is that indeed what Peplink is using? (I hadn’t checked this before)

Any suggestions, please?

I had the same experience. I was using Safari. Same cert warning, no matter where I tried to go in the admin utility, including a refresh of the same hung page. I finally just killed the browser, because I got the notification email that my router started – it just happened to list the firmware version. And my internet was working. So, problem “solved”. I should note that I did the update firmware from the admin utility. Not sure of the same would happen had I downloaded it first, then used that to update. In any case, this is a problem. For me, that whole experience was perhaps 45 minutes. And I could eventually get back into the admin utility. Can you, after closing the browser, logging in again?

The problem with the certificate used by a Peplink router is not a problem, just a mis-understanding. Digital certificates enable two things: identity verification and encryption of data in-flight. Regardless of this error, you will get the in-flight encrypted data. The error has to do with the ID verification of the router. No certificate is ever issued to an IP address, so any access to a secure web page by IP address will generate this same error.

If you use HTTP, no error. Better though to stick with HTTPS.

BAD_CERT_DOMAIN means bad certificate domain and what is bad is that the certificate was issued to www.captive-portal.peplink.com rather than to 192.168.50.1 (or whatever you might have changed the IP address to). Blame your confusion on Mozilla for their poor explanation of the situation. Not that the Chrome browser explains it well either.

2 Likes

Thanks ericm & Michael234! Still stymied, however:

I went ahead with “Accept Risk and Continue”, which opened the “risky” login page for the router admin. Tried to log in, which it seemed to accept but then re-displayed the login page with the username and PW fields cleared. Can’t manage to get past this point. Unable even to verify whether the router is running 8.0.1 or still 8.0.0

@Michael234 Haven’t tried http: but would prefer to see this work with https:
@ericm I’ve always done previous firmware updates from within the admin utility but without this difficulty

If HTTP is allowed (that’s up to you) give it a try. Also, enter and invalid password just to see what happens. And, try a different web browser. Finally, power cycle the router (turn it off, then back on).

Have you setup an InControl account? It could be a handy back door.

The login page is not at all risky, despite what your browser says.

1 Like

@Michael234 thank you once more! Problem now fixed… just to recap:
I hadn’t allowed HTTP in my configuration; administer only with HTTPS. Invalid password did get a different response: “invalid password”, as expected. Used Microsoft Edge instead of Firefox, and that worked. Rebooted the router, changed setting to allow HTTP administration; logged out; went back to Firefox and logged in with HTTP. No go–same problem as before, but the redisplayed login page changed to HTTPS. Convinced at this point it was a browser issue, so cleared Firefox cache&cookies, and voila, now working.

No, I hadn’t considered InControl before. I confess to being a bit of a cloud-skeptic, but maybe worth taking another look.

[quote=“GTB, post:9, topic:24821”]
p:I hadn’t allowed HTTP in my configuration; administer only with HTTPS.[/quote]

Cant argue with that.

Interesting that a bad password worked as expected, but a good one was a problem. Check the event log at the time this happened, if possible.

As for switching browsers, the problem may have been an add-on in one browser that is not in the other. I have had this problem with routers from more than one vendor. My guess is that there are no add-ons in Edge. Perhaps test Firefox with all add-ons disabled.

Rebooted the router, changed setting to allow HTTP administration; logged out; went back to >Firefox and logged in with HTTP. No go–same problem as before,

If the problem was a Firefox add-on, that would explain this too.

cleared Firefox cache&cookies, and voila, now working.

Great. So, disable HTTP again.

1 Like