web auth cert for guest users

Unanswered Question
Jun 4th, 2007

When a guest user first connects to the internet via my controller, the guest gets prompted for a web authentication certificate and I was wondering if there was a way to get that to stop. I am doing external web authentication and I don't want that to be a step for them on the way to the internet.

Thanks in advance for any help.

Dave

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
gamccall Tue, 06/05/2007 - 12:00

If you're using a self-signed certificate on the controllers, there's no way around this: The OS is going to prompt the user whenever you offer a certificate it doesn't recognize.

The way to avoid this is to install a commercial cert from one of the common CAs that are already installed in most or all browsers... Verisign, etc.

aalton Thu, 08/09/2007 - 08:20

I wonder if the prompting your guests get is actually a notification of a certificate error. This error is because the SSL certificate is issued by the controller itself which is not in the guest's PC's root certificate database.

It's a bad idea to teach users to ignore certificate errors and the only way to stop this is to turn off HTTPS which turns it off even for management access to the controller.

I am having this issue as well and Cisco told me they may allow web authentication to be done with HTTP while still retaining HTTPS for management.

That's a workaround for the short term but I don't think it is a good idea to have the authentication information travelling in the clear either.

I want to see if Verisign or some other valid certificate issuing company can provide us with a 1.1.1.1 (or whatever your virtual address is) certifcate that we can use. If that works it would be nice if Cisco included this certificate with the product.

Actions

This Discussion

 

 

Trending Topics - Security & Network