Hi,I have AP 505 with software 188.8.131.52. I am fighting with hotspot system. I have external captive portal, it works fine. But i have problem with redirect to securelogin.arubanetworks.com all clients devices report this doman as unsecured, and its true because certificate on this site are selfsigned.
I will setup own securelogin domain like securelogin.mydomain.com. I have wildcard certificate for mydomain.com. I try to add my cert in Maintenance>Certificates and i have fail. Still I see Convert certificate error. For my cert i have 3 files: certificate, private key, CA cert. Also i try to convert my files to pkcs12 cert, its still does not work.
How can i setup securelogin.arubanetworks.com for my captive portal?
for instant APs, you need to upload the new wildcard cert in pem/cer or crt format I generally use pem with no issues. The pem format cert should have the full chainThe last section of the pem format should include the private key.
I does not have that certificate type. I only have:
Ok, when i created pem and last section was private key upload was successful.
For now next question, how can i set my fqdn for securelogin? For examle securelogin.mydmain.com?
is the server cert a wild card cert?
Yes, this is wild card cert.
For speed up i bought new ssl cert for single domain.
I uploaded new cert, now i have my fqdn when i try to connect to my guest network.
In mobile device all is correct, but windows display warning about unsecured data sending. I have set use https in capative portal, windows still use http. Can i fix it or force to use https?
What is youre external captive portal server? Does that have a trusted certificate as well?
Where you have now 127.0.0.1, you should put in the FQDN of your captive portal server. And on the captive portal server you should configure https://fqdn-of-cert-on-iap/..path-for-login... to use https.
This video may help you to understand the communication flow with external captive portal.
It may help to use your browser developer tools to monitor/follow all connections made by the client to determine where the certificate warnings are triggered.
© Copyright 2023 Hewlett Packard Enterprise Development LPAll Rights Reserved.