This is related to BE9300 v1 firmware 1.0.4 Build 20231020 rel.53518(5553) since it's not in the model list, but probably affects several models.

The certificate that has been embedded with the firmware has a mismatched SAN DNS list that is going to throw security errors in every modern browser, and will not work correctly.  Security workarounds are not acceptable for devices not just marketed as routers, but also as security devices with subscriptions.

Ideally the DNS entry (tplinkwifi.net) and certificate should have functional default values, but at the price point of the BE9300 should also be user configurable and maintainable.