Good day,


I just set-up a hotspot the other day, So far it is all working great except for the fact that if a suer goes to a https site before logging in. they receive a ssl error and are NOT redirected to the login page.

But if they go to a http:// site it redirects them. What am I missing here? Is there a setting I need to set ?

I read that I need to have the hotspot dns name as a valid domain, so i have made it hotspot.local however that hass not seemed to fix the issue?

What's the error you're getting? "SSL error: self signed certificate in certificate chain"? You'll need to obtain a valid security certificate that was issued by a global certificate authority - CA (e.g. VeriSign, Thawte, Comodo, Startcom). It consists of a private key and the public certificate issued by a public CA. There are multiple ways to obtain such a certificate - the cheapest but most suspectible one would be to use STARTCOM's STARTSSL program - it's free:

https://www.startssl.com/?app=1

The process with startssl is pretty straightforward if you know what's going on but it's root and intermediate certificates aren't available on every platform (specially mobile ones). That means that you're likely to run into issues with your clients complaining about additional errors related to not being able to validate the certificate.

A more solid alternative for only $9/year would be a PositiveSSL certificate issued by COMODO. You can obtain one via namecheap:

https://www.namecheap.com/security/ssl- ... vessl.aspx

Due to the owner validation process you are required to own a valid domain (e.g. myname.com). You have to be able to receive emails for the domain e.g. via hostmaster@myname.com (RFC2142). That's why hotspot.local - as a local domain - simply won't work. You'll have to generate a private key as well as a certificate signing request prior to requesting the certificate with the CA.

Just follow the steps as documented here based on your platform:

https://support.comodo.com/index.php?/K ... generation

Alternatively you may also use your routerboard for this:

http://wiki.mikrotik.com/wiki/Manual:Cr ... rtificates

Once you've got the certificate from COMODO you have to upload a subset of files to the router and tell the hotspot to use them for SSL.

BTW: Also attach your config.

Thanks for your response,

I have attached an image of the error which I get, However I dont think that having an ssl cert on the hotspot is the issue?

This error doesnt occour when I try got to my hotspots page using ssl.,

If I connect to the wireless, (Not Logged in) and My browser automatically goes to https://youtube.com I get this error attached. BUt it doesnt even try redirect me to hotspot.local ?

Unless I require a ssl cert in order to even redirect an https request?

Thanks for your response,

[...]

Unless I require a ssl cert in order to even redirect an https request?

Srange behaviour. Kindly attach your config.