I'm trying to browse to an http only site. I'm seeing the same problem on Windows, ipad, and Android.
I've read some of the excellent blog posts that describe how the browser is essentially doing a MITM attack, and how a cert error will appear if https traffic is involved.
In my case the user gets redirected to clearpass.mydomain.com
But the certificate reads controller.mydomain.com, which naturally throws up an error.
Maybe I don't understand the process well enough, but why does the browser get 'hung up' on the controller cert, and not get the clearpass cert?