Hi Ian,
The “insecure” config button should not be visible when you have specified a password. That is a bug that has been raised but not yet fixed.
https://bugzilla.ipfire.org/show_bug.cgi?id=11048
I am the assignee on that bug. The scope was expanded a little and that effectively also includes trying to get the certs embedded into the config file as in your other post but that has some challenges when the cert is password protected as you then have to embed the cert in an encrypted form. It also includes having all the different versions of cert /config combination provided in one file so that there is only one button that provides all the different options in one go.
That bug is pushing my capabilities but I have made some progress with it and will continue to work on it.
Of course if someone else more capable than me wants to pick it up I don’t have any problems with that at all.