Wireless Access

Reply
Contributor I

Clearpass Captive Portal Certificate Error

Hi All

 

I am using Clearpass Guest for a self registration guest network via a captive portal page,  if a user connects to the Guest SSID, opens their browser and tries to navigate to a HTTP page, they are redirected to the captive portal page and everything is fine, however if they try to navigate to a HTTPS page the browser complains about the certificate. I assume this is because the browser is expecting to see a certificate for the original page they tried to browse to, but is instead getting the certificate for the capive portal page. Is there anyting I can do about this or is it something we will have to live with.

 

Would appreciate any advice

 

Thanks

 

Dave

Guru Elite

Re: Clearpass Captive Portal Certificate Error

Unfortunately this is an industry-wide problem. There is currently no
solution.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Contributor I

Re: Clearpass Captive Portal Certificate Error

Has anyone come up with a possible workaround for this? This is a major problem for captive portal solutions since more and more sites are secure.

 

I haven't though of how this would be configured specifically and what exact configuration items would be required but would redirecting to a HTTP site first which in turn redirect to HTTPS login page be possible? Has anyone possibly done this?

 

Thanks,

Peter

 

 

Guru Elite

Re: Clearpass Captive Portal Certificate Error

This is an industry wide problem. There are some standards out there to help prevent this but no client devices have implememted them.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: