Since the certificate will be from the firewall, visitor's page will not have any information for the browser. When the client gets certificate it would be Unknown has signed Captive portal and that would generate browser error.
With certificate from trusted 3rd party, it might say Verisign has signed Captive portal, since visitors browser already trusts Verisign cert, there will not be any errors. Hope this helps. Thank you.
The answer to your question is 'No' under your conditions. In general, following are the options:
1. Use a certificate signed by 3rd party vendor like Verisign, GoDaddy, etc. This is best solution as this cert will be trusted by all the browsers irrespective of the device.
2. Use a PAN self signed certificate or domain generated sub-ordinate certificate. Install its certificate authority on the client browsers. Though technically this will work, practically it is very difficult to implement this since typically you wouldn't be knowing which device the user will be using. So not scalable.
Hope it helps.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!