I'd like to know this as well. I have a similar problem. We have guest registration for our guest wireless network. Users join the guest wireless on our Cisco WLC. They're redirected to clearpass, which has a trusted cert on the portal. Guests register, receive temporary credentials, sign in, but are then redirected to the Cisco WLC page that says "login successful."
But it uses its on self-signed cert for this, and some browsers force users to accept it as untrusted, or lately, Chrome won't even allow it so users never get in. So is this a cert issue on the WLC? Or would the server-initiated setting on clear pass as previously mentioned fix it?