Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CP HTTPS without red page

    Scheduled Pinned Locked Moved Captive Portal
    10 Posts 4 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rovshango
      last edited by

      Hi,

      Is it possible configure CP with HTTPS but not to get RED PAGE (HTTPS CERT etc.) ?

      Thanks

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        Hi,

        What is a red page ?

        I guess you mean that you use a self-signed certificate when you activated the "https" on your portal.
        That isn't a great idea, knowing that real certificates exists, and you can get them for free.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • K
          kejianshi
          last edited by

          Nothing at all is wrong with self signed certs - But the people who sell them and make web browsers would like you to think there is.

          There is no money in a self signed cert…

          1 Reply Last reply Reply Quote 0
          • R
            rovshango
            last edited by

            Hi and thanks for replies,

            To be more clear I will explain my question detailed:

            I did some interface changes in CP Login page, so when user tries open any URL pfSense directs it to CP login page (http://IP_ADDRESS:8000/bla-bla)
            Then user prompt its username/password etc.

            But when I do enable HTTPS login option for CP it directs to HTTPS login page (http://IP_ADDRESS:8001/bla-bla) and client gets certification notification (see attachment as example)
            But ignoring/accepting it user then again can prompt username/password and go on surfing web

            So I am asking is it possible enable HTTPS login and do not get notification page ?

            Thanks

            Capture.JPG
            Capture.JPG_thumb

            1 Reply Last reply Reply Quote 0
            • K
              kejianshi
              last edited by

              You would have to replace your self signed cert in CP with a signed cert which can be cheap or perhaps free - I'd put my money on $9 - $19 or so with digicert or someone like that.

              If you get a signed cert to avoid those warning pages, you will want one that appears in the trusted roots for all the various OSes / Browsers.

              1 Reply Last reply Reply Quote 0
              • R
                rovshango
                last edited by

                Sorry but I didn't get it

                you will want one that appears in the trusted roots for all the various OSes / Browsers.

                1 Reply Last reply Reply Quote 0
                • K
                  kejianshi
                  last edited by

                  Not every signed cert is universally recognized by all browsers, so try to pick one that is.
                  It depends if the root cert authority is in the list for the browser being used.

                  A reliable company will be widely recognized - Others may not be.

                  1 Reply Last reply Reply Quote 0
                  • R
                    rovshango
                    last edited by

                    OK then I will get cert from digicert and test it
                    Thanks

                    1 Reply Last reply Reply Quote 0
                    • DerelictD
                      Derelict LAYER 8 Netgate
                      last edited by

                      Don't waste your money if you're thinking it'll stop all cert errors.

                      https://forum.pfsense.org/index.php?topic=85423.msg470634#msg470634

                      Chattanooga, Tennessee, USA
                      A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                      DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                      Do Not Chat For Help! NO_WAN_EGRESS(TM)

                      1 Reply Last reply Reply Quote 0
                      • K
                        kejianshi
                        last edited by

                        Yes - I see your point.
                        For them to go no cert error connecting to your network, your network address would have to be the url they entered in the address bar.
                        Go figure the odds.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.