What is youre external captive portal server? Does that have a trusted certificate as well?
Where you have now 127.0.0.1, you should put in the FQDN of your captive portal server. And on the captive portal server you should configure https://fqdn-of-cert-on-iap/..path-for-login... to use https.
This video may help you to understand the communication flow with external captive portal.
It may help to use your browser developer tools to monitor/follow all connections made by the client to determine where the certificate warnings are triggered.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Jun 01, 2023 06:35 AM
From: arubek
Subject: Another securelogin case
For speed up i bought new ssl cert for single domain.
I uploaded new cert, now i have my fqdn when i try to connect to my guest network.
In mobile device all is correct, but windows display warning about unsecured data sending. I have set use https in capative portal, windows still use http. Can i fix it or force to use https?
Original Message:
Sent: May 29, 2023 02:58 AM
From: arubek
Subject: Another securelogin case
Yes, this is wild card cert.
Original Message:
Sent: May 29, 2023 01:25 AM
From: ariyap
Subject: Another securelogin case
is the server cert a wild card cert?
------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
Original Message:
Sent: May 29, 2023 01:19 AM
From: arubek
Subject: Another securelogin case
Ok, when i created pem and last section was private key upload was successful.
For now next question, how can i set my fqdn for securelogin? For examle securelogin.mydmain.com?
Original Message:
Sent: May 29, 2023 01:11 AM
From: arubek
Subject: Another securelogin case
I does not have that certificate type. I only have:
Original Message:
Sent: May 25, 2023 07:07 PM
From: ariyap
Subject: Another securelogin case
for instant APs, you need to upload the new wildcard cert in pem/cer or crt format
I generally use pem with no issues. The pem format cert should have the full chain
The last section of the pem format should include the private key.
------------------------------
If my post was useful accept solution and/or give kudos.
Any opinions expressed here are solely my own and not necessarily that of HPE or Aruba.
Original Message:
Sent: May 24, 2023 02:06 AM
From: arubek
Subject: Another securelogin case
Hi,
I have AP 505 with software 8.11.1.0. I am fighting with hotspot system. I have external captive portal, it works fine. But i have problem with redirect to securelogin.arubanetworks.com all clients devices report this doman as unsecured, and its true because certificate on this site are selfsigned.
I will setup own securelogin domain like securelogin.mydomain.com. I have wildcard certificate for mydomain.com. I try to add my cert in Maintenance>Certificates and i have fail. Still I see Convert certificate error. For my cert i have 3 files: certificate, private key, CA cert. Also i try to convert my files to pkcs12 cert, its still does not work.
How can i setup securelogin.arubanetworks.com for my captive portal?