I have just checked my NeoRouter Free server on
SSL Labs. Just put IP address and port a hit "Submit" buttons. The results seem to be not very good.
Obviously, SSL Labs reports that certificate is self-signed, therefore it should not be trusted. I don't see this as a big problem.
What worries me, though, is the following:
1. Certificate has a weak signature (SHA1). SHA1 should be deprecated after 2015. NeoRouter should really switch to SHA2.
2. Server accepts RC4 cipher.
3. Server does not support Forward Secrecy.
I see these findings quite disturbing. Correct me if I am wrong. Anyway, is it so difficult for developers to generate SHA2 certificate to increase security? Would be happy to have feedback from devs.