Recommend:
To the knowledge base

Downloading your FRITZ!Box's certificate and importing it to your computer

Each FRITZ!Box has a unique, self-generated certificate for HTTPS internet access to the user interface and FTPS access to storage (NAS) contents.

The FRITZ!Box's certificate is not known to a certification authority or to the computer's local certificate management. As a result, the web browser displays a certificate warning when you try to access the FRITZ!Box. The warning only means that the browser cannot verify the authenticity and integrity of the FRITZ!Box. Even if the browser claims that the connection is insecure, opening the FRITZ!Box user interface does not pose a security risk!

You can avoid the certificate warning by downloading the unique certificate generated by the FRITZ!Box itself and importing it to the computer's certificate administration.

Note:All instructions on configuration and settings given in this guide refer to the latest FRITZ!OS for the FRITZ!Box.

1 Downloading the certificate

If you only use computers with macOS and use Safari or Google Chrome, you do not need the certificate generated by the FRITZ!Box. If you are use Windows, Linux, or Mozilla Firefox, you must download the certificate file:

  1. Click "Internet" in the FRITZ!Box user interface.
  2. Click "Permit Access" in the "Internet" menu.
  3. Click on the "FRITZ!Box Services" tab.
  4. Click "Download Certificate" and save the file with the certificate to your computer.

2 Importing the certificate

Import the FRITZ!Box's certificate to the certificate management of the computer or browser, if the browser has its own certificate store.

Note:If you access the FRITZ!Box over the internet with different computers, you must import the certificate to all of the computers.

Windows

Google Chrome and Microsoft Edge use the Windows certificate management. Therefore, import the FRITZ!Box's certificate to the Windows certificate management:

  1. Click the search symbol in the Windows task bar.
  2. Enter Control Panel in the search field and press Enter.
  3. Click "Network and Internet" and then "Internet Options".
    • Now the "Internet Properties" window opens.
  4. Click on the "Content" tab and then on "Certificates".
    • Now the "Certificates" window opens.
  5. Click on the "Trusted Root Certification Authorities" tab in the "Certificates" window.
  6. Click "Import...".
    • Now the "Certificate Import Wizard" window opens.
  7. Click "Next" in the "Certificate Import Wizard" window.
  8. Click "Browse..." or "Choose File" and select the file with the certificate ("boxcert.cer").
  9. Click "Next", "Next", and then "Finish".
    • Now the "Security Warning" window opens.
  10. Click "Yes" in the "Security Warning" window.
  11. Click "OK" to close the Certificate Import Wizard.

macOS

Google Chrome and Safari use the certificate store of macOS's keychain administration. Therefore, import the FRITZ!Box's certificate to the keychain administration:

  1. Access the FRITZ!Box over the internet with Safari, for example via myfritz.net.
  2. Click on "Show Certificate" in the window "Safari can't verify the identity of the website [...]".
  3. Enable the option "Always trust [...] when connecting to [...]" and click "Continue".
  4. Enter the password of your macOS user account and click "Update settings".

Linux

  1. Import the certificate to the computer's certificate management. If the web browser you are using has its own certificate store, import the certificate to it. Refer to the manufacturer of the Linux distribution or browser for information on importing certificates.

Mozilla Firefox

Firefox does not use the certificate management from Windows, macOS, or Linux, it uses its own certificate store instead. Therefore, import the FRITZ!Box's certificate to Firefox's "Certificate Manager":

  1. Click the (Open menu) button on the top right of Firefox.
  2. Click "Settings”.
  3. Click "Privacy & Security" in the menu on the top left of the screen.
  4. Click "View Certificates" in the section "Security".
    • Now the "Certificate Manager" window opens.
  5. Click on the "Authorities" tab in the "Certificate Manager" window.
  6. Click "Import..." and select the file with the certificate ("boxcert.cer").
  7. Click "Open".
  8. Enable the option "Trust this CA to identify websites" and click "OK".
  9. Click "OK" to save the settings.