Occasional Contributor II

SSL Certificate Installation on Internal Captive Portal

We just purchased some 310s.


We have setup Captive Portal for our Public WiFi network.


We found that when Captive Portal is enabled, public clients receive SSL browser warnings.


I understand that this is due to the fact that the Captive Portal is using a self-signed certificate.


Our Captive Portal page is just an "accept" page, no user credentials are exchanged.


Ideally, we would just disable HTTPS on the Captive Portal page.  However, according to this forum post,, there isn't a way to disable HTTPS on the Instant products.


So, I turn to installing a purchased certificate that browsers will 'accept.'


I found this post detailing how to install a certificate:


My question involves the installation of the certificate.


It sounds like I can create a CSR for a domain like using a Windows PC.  I can then purchase a certificate for  Once I have converted the purchased certificate into a pem file, I can upload the pem file into the controller.  This certificate will be shared across all APs.  Once the purchased certificate is installed, public clients will load the Captive Portal page without errors. 


Is this accurate?


If so, do I need to setup any DNS entries for the  Or add the to the controller?  Or will the controller automatically 'know' to use the new domain name when it brings up the captive portal page with the newly purchased certificate?


Thanks for your help.


Re: SSL Certificate Installation on Internal Captive Portal

yes when you install a HTTPS public cert on the virtual conroller (VC) it will get installed throughout that instant cluster.


then when you are using it for Captive portal, you should not get any warnings about trusting the cert. and you should have a valid DNS entry for your domain as well.

If a reply adequately addresses your issue, please click on the "Accept as Solution"
Search Airheads
Showing results for 
Search instead for 
Did you mean: