Hi Ray,
This is also something I would be extremely happy to see added. And the next step would be for it to talk to remote addresses via https as well so that the communication between them is secure.
For initial configurations a “snakeoil” or other default certificate could be used with a little message on the page suggesting generating a new certificate would be recommended (or possibly just done the first time it starts). Having the option to upload a certificate and key as well, for those of us that can sign our own, would be relatively easy. And of course there’s always the option of letsencrypt.
BUT, while this would be relatively simple of on an OSPi, it gets much harder on an ESP8266. You likely have enough ram free (about 15-20KB is about all that’s needed) having it capable of running either HTTP or HTTPS is much harder. The amount of code tends to explode as they are different enough to cause problems.
So from my experience the certificate is a relatively simple thing, supporting both HTTP and HTTPS on a small processor is much, much harder.
Cheers,
Andrew