Never use unencrypted protocol like HTTP or FTP toward your router!
Your password will travel plain-text and risk is not worth 5 minutes it takes to enable TLS encryption!
For HTTPS to work need to create two certificates (root and HTTPS certificate):
/certificate add name=root-cert common-name=MikrotikRouter days-valid=3650 key-usage=key-cert-sign,crl-sign sign root-cert add name=https-cert common-name=MikrotikRouter days-valid=3650 sign ca=root-cert https-cert
The example is 10 years (3650 days). But this could be less, not a bad idea, changing the cert every year…
If there is a change in the affected package during the firmware upgrade, it is worth re-generating the certs.
With certificate signed, just need to assign it to www-ssl service and enable it, while disabling http:
/ip service set www-ssl certificate=https-cert disabled=no set www disabled=yes
Project done, now you can access your router via HTTPS…