Security

Recently my CP Server Certificate was about to expire, after wich I renew it with a new PositiveSSL certificate.

For some reason, this certificate is not automatically accepted on the guest network, when using security level "Internal - Acknowledged" or "Internal - Authenticated".

Only after manually accepting the certificate in the device (iPhone or MACOS) the devices are able to authenticate.

How should a certificate be prepared, to be able to properly work for a captive-portal?

generally when you create your CSR to be signed by the CA and upload it, you'll get a server cert and the full certificate chain of the CA.Then you combine it with your private keys and upload it to Instant.

Did you upload teh new cert with  the full  trust chain ?

After I indeed created a file with the full chain, with key, certificate and CA, the certificate was working correctly.

Would be nice to have clear information in the documentation about what the different options in the certificate upload screen are, as there is a CA option available in there too. It was not expected by me that in the Captive Portal server upload the full chain was expected in the file...

i agree we should imporve the user guide section on certs.