Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

web auth cert for guest users

When a guest user first connects to the internet via my controller, the guest gets prompted for a web authentication certificate and I was wondering if there was a way to get that to stop. I am doing external web authentication and I don't want that to be a step for them on the way to the internet.

Thanks in advance for any help.

Dave

2 REPLIES
Silver

Re: web auth cert for guest users

If you're using a self-signed certificate on the controllers, there's no way around this: The OS is going to prompt the user whenever you offer a certificate it doesn't recognize.

The way to avoid this is to install a commercial cert from one of the common CAs that are already installed in most or all browsers... Verisign, etc.

New Member

Re: web auth cert for guest users

I wonder if the prompting your guests get is actually a notification of a certificate error. This error is because the SSL certificate is issued by the controller itself which is not in the guest's PC's root certificate database.

It's a bad idea to teach users to ignore certificate errors and the only way to stop this is to turn off HTTPS which turns it off even for management access to the controller.

I am having this issue as well and Cisco told me they may allow web authentication to be done with HTTP while still retaining HTTPS for management.

That's a workaround for the short term but I don't think it is a good idea to have the authentication information travelling in the clear either.

I want to see if Verisign or some other valid certificate issuing company can provide us with a 1.1.1.1 (or whatever your virtual address is) certifcate that we can use. If that works it would be nice if Cisco included this certificate with the product.

245
Views
0
Helpful
2
Replies