Captive Portal Page Not Working With HTTPS



  • Hi,

    We have setup a captive portal page but it will only display when you enter a HTTP address.

    For example the idea is when they connect to a Free Wifi service they open Google Chrome they are met with the Captive Portal Page and then they press continue and they can browse the web. This works but only with HTTP addresses.

    E.g. when you open Http://www.google.com it shows the captive portal page but when you open https://www.google.com nothing happens!

    running 2.0.3 no more updates available.

    Thanks in advance!!!


  • Banned

    Correct. Not possible with HTTPS.



  • So there is no workaround at all?!?


  • Banned

    Nope.



  • As discussed many times in the past, a CP can't redirect https, search the forum for details, e.g. http://forum.pfsense.org/index.php/topic,53630.0.html (unless one has full control over the client PCs, adds own RootCA and spoofs the https certificate on the fly – effectively doing a MitM attack).

    PS: However, a CP could play nice, by sending a TCP reset so that the client's application can recover immediately, rather than drop the packet and let it time-out many seconds later. However this isn't possible with pfSense's CP (see comments at http://redmine.pfsense.org/issues/2006 )



  • Thanks for the replies, can anyone suggest any other software that will do this?


  • Banned

    Not really… Either you'll get those flashy red warnings about certificate mismatch, or you'd need a wildcard MITM certificate - again will produce huge red flashy warnings since no trusted CA preinstalled on an OS will issue such thing to you, and noone with a sane mind will install that manually. Frankly, the whole captive portal thing is evil from the very bottom of how it works. Internet != HTTP/web.



  • @bassmoore:

    Hi,

    We have setup a captive portal page but it will only display when you enter a HTTP address.

    For example the idea is when they connect to a Free Wifi service they open Google Chrome they are met with the Captive Portal Page and then they press continue and they can browse the web. This works but only with HTTP addresses.

    E.g. when you open Http://www.google.com it shows the captive portal page but when you open https://www.google.com nothing happens!

    running 2.0.3 no more updates available.

    Thanks in advance!!!

    Check enable HTTPS login then https browsing will be redirected also. You need to setup your cert.