Wireless Access

last person joined: 2 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Certificate Error with Splash page

This thread has been viewed 10 times

  • 1.  Certificate Error with Splash page

    Posted Jul 19, 2019 02:05 AM

    we have tried setting up both:

    Splash page type : Internal - Acknowledged 

    External - With a captive portal profile that points to a external web site and uses Auth Text 

     

    Both seem to give certificate errors for various devices, mainly android and windows devices.    (below is the one that happens on IE)

    The security certificate presented by this website was not issued by a trusted certificate authority

    The security certificate presented by this website was issued for a different address

     

    My preference is to use a external splash page if we can get it working without certificate errors.   

     

    We are using ap-135 with firmware 6.4.4.8-4.2.4.13_69505.

     

    Any thoughts?

     

    Thanks.



  • 2.  RE: Certificate Error with Splash page

    Posted Jul 19, 2019 02:59 AM

    If you are using internal splash page, you have to upload a certificate signed by a public CA on your IAP/controller. By default, your IAP/controller will have a self signed certificate that is not trusted by any browser.

     

    For external captive portal, your server needs to have Public CA signd CA.



  • 3.  RE: Certificate Error with Splash page

    Posted Jul 21, 2019 08:14 PM

    Thanks for your help.   (sorry I didnt respond sooner was the weekend here) 

     

    The external captive portal does have a public CA.  

     

    When we configured the captive portal profile if we use port 443 I get a error saying to many redirects.

     

    When we configure it with port 80 with get the certificate errors.  Mentioned above.

     

    So do we need to install  our external captive portals certificate on the controller or any certificate on the controller if are using the external captive portal ? 

     

    Our external captive portal is just a basic web page so people can  acknowledge our terms and conditions.



  • 4.  RE: Certificate Error with Splash page

    EMPLOYEE
    Posted Jul 21, 2019 08:24 PM
    Too many redirects is indicative of the captive portal destination being blocked. Try adding the FQDN (e.g. mysite.mydomaim.com) for the external captive portal to the walled garden. Also, add in any URLs that you see in the certificate details: e.g. crl.godaddy.com, ocsp.geotrust.com, cert.entrust.com. This will allow IOS devices to pop the captive portal without users having to wait for IOS to fail open on checking the validity of the certificate.


  • 5.  RE: Certificate Error with Splash page

    Posted Jul 21, 2019 08:57 PM

    I just tried adding the various urls to the whitelist of the walled garden.  And still get to many redirects when i try port 443 for the external captive portal.



  • 6.  RE: Certificate Error with Splash page

    EMPLOYEE
    Posted Jul 21, 2019 09:12 PM
    Try using FireFox, in the development options, choose Network. Then browse to the captive portal URL. It may be redirecting to another URL, or pulling data from another URL that is being blocked.


  • 7.  RE: Certificate Error with Splash page

    Posted Jul 21, 2019 09:34 PM

    I just checked with Firefox  like you suggested (I really like that feature thanks for showing me).

    But worst luck I am still getting the error with to many redirects.   There was a few other sites that it mentioned so I added those into the whitelist but it didnt fix it.