Securing CP with SSL



  • Hi all,

    I'm using pfSense on a University wireless network where we use Captive Portal to authenticate authorised wireless users using RADIUS.

    I'm currently trying to secure our Captive Portal with an SSL Cert, I've purchased one from GoDaddy rather than using a self-signed or pfsense issued SSL to ensure that our users dont get any warnings about the certificate. I used OpenSSL to extract the cert & private key to two seperate .pem files and then I copied & pasted the output of these files into the HTTPS Certificate &  HTTPS Private Key in the Captive Portal section of the web configuration.

    However, when using the GoDaddy certificate the Captive Portal user authentication page fails to load, it seems to timeout …

    If I replace the GoDaddy cert with a cert generated by the pfSense box the page loads albeit with the certificate warning on the client due to the certification authority not being known.

    The GoDaddy (and pfSense) certificate CN matches the name of our pfSense box and I have entered a matching DNS record that points to our pfSense LAN interface to overide the DNS forwarders to ensure the client resolves correctly.

    Has anyone got any ideas what might be preventing the GoDaddy cert from working?

    Many thanks

    Trent



  • Did anyone have any help Please post. I think it has to do with the intermediate certificate bundle but can not get it to work



  • Reinstall pf after backing up the config file. I had this happen where pf would not do self signed certs so i reinstalled and it fixed it, then i uploaded my config file and all settings were back.


Log in to reply