This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

Captive Portal SSL Certificate?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Captive Portal SSL Certificate?

tjcarter
L1 Bithead

‎10-11-2010 04:49 PM

Does anyone have a recommendation on where we can get an SSL certificate that works with the Captive Portal and will be fully trusted by the most commonly used browsers.  Or.. perhaps some guidance on how this situation is best tackled...  Our situation is as follows:

1) We want a certificate that will not generate an error of any sort when digested by the browser.

2) Our certificate needs to be issued to an IP address. We do not control the DNS server so we are unable to get the required reverse DNS entry implemented.

3) We tried a COMODO Certificate.  It worked in some browsers but on a fresh install of Windows 7 w/ IE 8 we get an certificate error.  If we download and install the COMODO root and intermediate certificates all is well.  COMODO support recommends that we install these on the PAN (PAN 2050 for us), but I do not see this as an option on the PAN.

4) Research and COMODO support recommended a unchained certificate but it seems they are no longer being offered.

Thanks in advance for any and all replies!

Labels:
0 Likes Likes
12 REPLIES 12

pantac
L3 Networker

‎10-11-2010 07:20 PM

To install the root and intermediate certs you will need to open both in notepad. Paste all of the text from the intermedite certificate to the bottom of the root certificate. Then import this new certificate into the PAN device. This can be used for both Captive Portal and SSL-VPN certificates.

tjcarter
L1 Bithead
In response to pantac

‎10-12-2010 07:09 AM

So there is a way!  One last question and I think I am home free.  Where should the combined certificate be imported?  Client OCSP Verfiy CA Certificate?  Trusted CA Certificate? or Client CA Certificate?

Thanks again for your help!

0 Likes Likes

nrice
L5 Sessionator
In response to tjcarter

‎10-13-2010 09:25 AM

Under "Certificates on the "Device" tab:

300.png

0 Likes Likes

tjcarter
L1 Bithead
In response to nrice

‎10-13-2010 10:30 AM

The previous advice was to combine the required root and intermediate certificates.  Such a certificate will not load in the area you suggest since we have neither the required key or passphrase.

0 Likes Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks