Https redirect with "no authentication" and redirection post "connect"



  • Hello all

    I have a question. I have read all the post about https redirect is not possible without certificate.

    But i need to simply intercept clients, allow them to click connect and send them to an external page without need to login or let them back to the starting page they want.
    The "no authentication" with "After authentication Redirection URL" should simply work regardless of certificates because there's no need to manage login or going back to the https site that the client want to start with.
    Cause you want client to be simply redirected in a specific page. Whatever site he start with.
    That seems to me a logical flaw.
    Now that all the web correctly migrating from http to https is like to say that redirecting is not possible anymore in the future without registering a domain and having a vaild certificate. Making things more expensive.
    And considering that the page the client  really want will be at disposal after authentication with https, there should be a way to do so.
    There are many simple and unexpensive project that need simple redirecting. Simple just to say.

    Sorry if that was wrote before but I was unable to find my specific problem. And sorry for my bad english as well. I hope you understand.
    Thank for your kind attention.



  • It seems there's no way to intercept that behaviour.

    The browser start an https connection and wait for a valid certificate. So you can only send an invalid certificate and receive a cert error by enabling https login in captive portal.
    Without  https login the client browser will be stuck waiting for cert.

    It's an https design I see.

    But I still think that making an unexpensive or free project like captive portals with no authentication sould be possible.

    Instead with https you need a more complex infrastructure and management. You can't no more do that and forget it as you can expect from a free project.

    I wonder why no one ever put things that way. I love https but I think we should have a workaround maybe browser side.

    After all we want something legit. Just allow navigation with proper https after a splash page was shown. Not a real man in the middle workaround.

    Sorry for this question but I tought that it's too strange  that https don't allow redirect in any case. Never saw things that way before.


Log in to reply