I have a customer that has an existing Guest Captive Portal for self registration. We are coming in to add the ability for students and staff to login using their Google login for guest Wireless.
I have set up the SSO settings for their Google as the IDP in ClearPass. I have set up the custom App on the Google side and imported the certificate from Google to ClearPass Trust list.
I have added the URL link for the SSO Google Login to the footer of the existing captive portal page. When a user connects to the guest SSID they will be presented with the same captive portal page from ClearPass. Users staff and students who have the School Google account can click on that link in the captive portal page. This directs them to the login page for Google.
The process all seems to work except when the user clicks on that link to get to the Google login they are getting a certificate error. They are being directed to the accounts.google.com but the certificate is showing as the ClearPass certificate. Because we have imported the Google certificate to ClearPass, I would expect that the trust is in place and the user should not get a certificate error. I was also expecting the client to see the Google certificate when redirected to the accounts.google.com page not the ClearPass certificate.
Is there a step I am missing for the client to not have a certificate warning?