Captive portal in version SFOS 19.0.0 GA-Build31 is not using specified certificate as admin portal.
Captive portal is using SOPHOS cert which is not correct in my setup. See below images.
Have tried fresh re-install, upgrade removing and re-adding the cert an CA detail - not working.
...
Hello Andrew Laing,Under the Administration > Admin and user setttings > Please check and revert.
Thanks & Regards,_______________________________________________________________
Vivek Jagad | Technical Account Manager 3 | Cyber Security Evolved
Sophos Community | Product Documentation | Sophos Techvids | SMSIf a post solves your question please use the 'Verify Answer' button.
Hi Vivek,
The certificate is set to the SSL certificate I have purchased. It is working fine in the ADMIN console but the captive portal is not working.
Furthermore the user portal is using the correct certificate.
The issue seems to be only with the captive portal for user sign on - please investigate and revert.
In that case, use the following KBA: https://support.sophos.com/support/s/article/KB-000036904?language=en_USIt will also help you use a secure cert rather than the error insecure !!
Why would the certificate that I own work fine in the user console and admin portal, I do not want to use the appliance certificate!
There is an issue with the captive portal using the appliance certificate and not the SSL certificate specified, why would it work for the user portal and admin portal?
Please investigate, again I will not use the appliance certificate - this defeats the purpose of an SSL certificate.
So, I just replicated in my test environment: SFVUNL (SFOS 19.0.0 GA-Build317)Step:1 Created a self signed cert locally: Step-2 Assigned it under the admin & user settings Step-3 Ensured the details under the certificate > certificate authorities > default cert is filled properly.Step-4 downloaded the cert and installed that cert under the MMC > Trusted root certificate under the client machine.Step- 5 Access the captive portal:This worked for me, can you check if you have proper details filled under the default cert certificate > certificate authorities and if that default cert is installed in the client machine ?