Best way to establish ssl connection on a "borrowed" connection?

There is a broadband internet connection that I use occasionally at a remote location.
There is a team that shows up with me who use various apps to perform their designated tasks. To facilitate our work, I carry with me a Linksys wireless router that I plug into a hardwired port to establish our own wireless network in the area where we are working.

The broadband hardwired port is not secure; hence, the wireless connection through the Linksys router is not secure. Many of the apps that are used to do the work, require a secure sockets layer to function. We resort to phone hotspots but they get harder to establish the deeper you get into the building.

What is the best way for me to establish a secure sockets layer for this team?

I’m open to all suggestions like,

    1. lugging in a designated laptop with the right setup maybe with a Let’s Encrypt Cert
    1. buying a different router and customizing it
    1. setting up a Rpi

What are some ways to fix this issue?

TIA

Is the Linksys compatible with Openwrt? Connect it to a VPN service? You can set up your own VPN using a Pi-hole.

SSH though a VPN

A very easy-to-deploy option would be to install Tailscale on each device (installing on the router is not necessary). Configure a device that does have a secure connection as an exit node (it can be a remote device, it doesn’t matter where it is–even a computer at home is fine) and instruct all devices on the tailnet to use the exit node.