I have a captive portal, to which I want to add an ssl certificate to avoid the unsafe site error. Since the portal is directly in the AP, I don’t know how to generate the certificate.
Normally, captive portals inherently produce a security error if they intercept users’ HTTPS sessions, because HTTPS is specifically designed to check whether a device other than the site’s server is interception the connection. If a captive portal does so, HTTPS is working properly when it correctly detects and warns the user about this condition.
Let’s Encrypt certificates are not designed to be used in this situation and don’t change this result.
Some browsers are adding captive portal detection in order to provide users with a friendlier experience by having the browser itself mention to the user that a portal is in use and needs to be logged in to before another connection can complete. But this is up to the browser—but it’s more and more common all the time.
If you want to get a certificate for your own domain name (like for the portal’s sign-in page), then Let’s Encrypt can definitely help with that. But we would need to know what kind of features you have for generating or importing certificates on the AP device. In many of these cases, the experience isn’t very convenient because Let’s Encrypt is meant to be used in an automated way, and it can be cumbersome and inconvenient to use with devices that allow importing certificates but don’t support Let’s Encrypt in an automated way.
I appreciate your response, in my case the AP only allows me to import the certificates. What I need is to be able to create a certificate with Let s Encrypt with the help of some platform and once created, import my named certificate into the AP to ensure user navigation.
You could try using https://zerossl.com/ to create a Let’s Encrypt certificate using a web interface. This experience isn’t going to be very good compared to an integrated solution, which may not exist for your device.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.