Security

Reply
Regular Contributor II

Having Trouble with IOS 11 with Captive Portal

We are using a publically signed certificate. The iDevices complain about the captive portal. Before the user could tap trust certificate and now that is gone. The Guest is open with a captive portal no WPA2. Any ideas on how to get around this issue without going to a Guest SSID with WPA2, (upper management does not want this). 

Guru Elite

Re: Having Trouble with IOS 11 with Captive Portal

Is it a SHA2+ cert?
2048-bit+ key?
Chained correctly?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Regular Contributor II

Re: Having Trouble with IOS 11 with Captive Portal

I know it is 2048-bit and is chained correctly. Not sure about the SHA2+

Guru Elite

Re: Having Trouble with IOS 11 with Captive Portal

Make sure it's SHA2 or greater.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Regular Contributor II

Re: Having Trouble with IOS 11 with Captive Portal

When I look at the details of the cert:

Version: V3

Signature algorithm: sha256RSA

Signature hash algorithm: sha256

Issuer GeoTrust DV SSL CA - G3

Public Key: RSA (2048)

 

It is valid until June 2018.

 

Regular Contributor II

Re: Having Trouble with IOS 11 with Captive Portal

It's only happening on iDevices. I have a MAC running High Sierra and it is fine.

Guru Elite

Re: Having Trouble with IOS 11 with Captive Portal

Is the CNA popping?

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Regular Contributor II

Re: Having Trouble with IOS 11 with Captive Portal

Yes, it is. The user gets the login screen. They are able to see the check box and if they want click on the terms and agreement link to view. Once they click on the link we have it redirect to the hospital's website which is also https. It is saying that not a valid cert when the redirection. Could it be the redirect? But the error is saying the captive portal page cert it does not like not the redirected website.

Guru Elite

Re: Having Trouble with IOS 11 with Captive Portal

hm. Have not seen that behavior. Best to work with TAC.

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: