Security

Hello i want to use the captive portal but i dont want to  get the certificate warning, ill use http, and i know it goes on cleartext the password and user.

 

Anyways I have set it up that on clearpass on the selftregistration  on

Secure Login im putting send clearpass password cleartext http

 

on the controller on the captive portal authentication i put the checkbox i put the check on it also on the  login page i put http instead of https for the url

 

and when i use the captive portal im getting redirected but i get the certificate warning

 

Also i tried this

http://community.arubanetworks.com/t5/Technology-Blog/Captive-Portal-why-do-I-get-those-certificate-warnings/ba-p/268921

 

and i tried deleting the https rule that redirect but when i do that when iuse the captive portal i get stuck when i try to use a https page like google to po up the captive portal... if i use a page that use http then its okay it works but users will try to use google or something like that so this does not work for me...

I also see that the someone posted a mesage in that tread that noone asnwer to seems to be the same problem

TIM, someone!  help? :(

 

Cheers

Carlos

Hi Carlos,

 

In Home » Configuration » Authentication page, uncheck the security box.

 

Security:

Require HTTPS for guest access If checked, HTTP access by guests will be redirected to use HTTPS instead.

Regards,

Pavan

If my post addrresses your query, give kudos:)

i still get the certificate error....

Are you getting a certificate error when you go to a non-secured site like ebay.com?

its when i got to a secure page for example google.com

 

On clearpass this is also unchecked

Require HTTPS for guest access under Authentication Settings

The only way to prevent that would be to remove HTTPS redirection in your user-role.

If you mean deleting this rule

IPv4 user any svc-https dst-nat 8081 Low

I already did it and when i do that the https pages wont open...

 

Cheers

Carlos

That’s correct. There is no way to avoid certificate warnings when navigating to an HTTPS page. That’s the whole point of the certificate warning in the first place.

That works if the captive portal is the controller....

It doesnt work if the captive portal is the clearpass...

 

So there is no way to do this with the clearpass? even using http only?

It just that i find odd that you can do it with controller but not with clearpass..

Tim is there is any way that with the clearpass i dont get the certificate error when the user goes to the web browser and go for an https like google to get the captive portal?

 

If there is no way is there any documentation we can use to show that is not possible?

 

Cheers

Carlos

Hello Tim

I have been reading about this topic today and i reach to this conclutions which i would like to know if they are correct

 

1-When the user navigates to a https website like google there is no way to NOT get the certificate warning because when the user goes to https://www.google.com the client is expecting the certificate of google and instead of that get the certificate of the controller or clearpass and even if you put a public certificate he is not expecting that certificate and we end up with the certificate error

 

2-When accessing HTTP there is no problem becuase we are not expecting any cert on that website, and when we get redirected to the captive portal IF we do not have a public certificate, we will get a certificate error(becuase the cilent does not have the root certificate of the controller) If the controller or clearpass has  a public certificate THEN we will not get any certificate error of any kind

 

3-I bealive i can use this article as an explanation of whats happening

http://community.arubanetworks.com/t5/Technology-Blog/Captive-Portal-why-do-I-get-those-certificate-warnings/ba-p/268921

 

is all this correct? Tim?

 

Cheers

Carlos

Looks correct.