Hi,
I turned on HTTP PAP and HTTPS Login for hotspot server, and found out even the client is accessing standard HTTP webpage upon login, hotspot will redirect client to the HTTPS login page and give out annoying Security Warning. Is there any way to slove this,to let HTTP redirect to HTTP Login page and HTTPS to HTTPS, so not everyone receive the Security Warning.
probably your users have https://www.google.com or similar https web page as default web page when browser are opened???
Yes, for users who have https as default web page , they SHOULD redirect to https login page as designed.
But for those who only have http as default page, why hotspot redirect them to https login page show the Cert Security Warning too, this part is what I don’t understand…
dump
any solution yet?
This is normal and expected behavior - if you enable https logins, then the hotspot is going to use the SSL-protected login page.
If you were to disable that, then initial https requests would get redirected to the non-ssl login page.
The answer is to go buy a certificate - then the http —(redirect)—> httpS logins won’t get security alerts anymore.
Getting SSL security alerts when an initial HTTPS request gets redirected is going to throw an alarm regardless of whether the target of redirection is secure or insecure. This is because of PKI certificate design, and it’s working as designed - namely - your router is doing a man-in-the-middle operation and the client should know whenever such a thing happens.
That’s our new SSL-enhanced world these days. Sorry.