Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive Poral Https Help

    Scheduled Pinned Locked Moved
    Captive Portal
    4
    5
    4.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Baries
      last edited by

      Hi

      Does anyone have a good turtorial for the Captive Portal Https Login ? I have searching and have not found a solution yet. Got the server and certificate fields setup , but what else is required  ?

      Thanks

      1 Reply Last reply Reply Quote 0
      • R
        Richthofen
        last edited by

        Hau!

        just did it here

        you must have openssl installed
        in my linux box I did:

        root@linux#> openssl req -new -nodes > cert.csr

        Answer the questions and when Common Name (CN) is required type the pfsense machine name and make sure captive portal clients can resolve this name in DNS. So probably you´ll need to update you DNS server config.

        Common Name (eg, YOUR name) []: pfsense.yournet.net

        after that 2 files will be created –> cert.csr and privkey.pem

        then you do:

        openssl x509 -in cert.csr -out cert.pem -req -signkey privkey.pem -days 999

        and a third file will be created --> cert.pem

        In captive portal properties page you enable HTTPS Login, fill "HTTPS server name" with the same name you  typed in CN above.

        Again in linux box you type:

        root@linux#> cat cert.pem

        copy and paste all the output in "HTTPS Certificate" --> including ---- BEGIN CERTIFICATE and ---- END CERTIFICATE

        Again in linux box you type:

        root@linux#> cat privkey.pem

        copy and paste all the output in "HTTPS Private Key" --> including ---- BEGIN RSA PRIVATE KEY and ---- END RSA PRIVATE KEY

        last step is to change the captive portal page content and change address to https:// and port to 8001

        FORM action=https://pfsense.yournet.net:8001

        SAVE and test

        now before load captive portal authentication page will be shown a warning about HTTPS conection and you can see the padlock down the browser.

        thats it

        1 Reply Last reply Reply Quote 0
        • S
          sullrich
          last edited by

          You can also reuse the cert from system -> advanced but its a much better idea to create your own.

          1 Reply Last reply Reply Quote 0
          • D
            danbutter
            last edited by

            Any suggestion for those of us that don't have a linux box available?

            1 Reply Last reply Reply Quote 0
            • D
              danbutter
              last edited by

              to answer my own question…I think...unless there is something wrong with this method that I am unaware of...

              I decided to see what Mr. Ullrich meant by reuse the cert so I went in there and found that there is a way to create them. 
              There is a link in the word create in the middle of the webGUI SSL certificate/key section.
              as long as you fill out every field in there you will get a matching combo.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post