Description
This article describes how to be redirected to a captive portal/authentication page which gets a certificate warning while the client device tries to access an HTTPS website initially.
Scope
FortiAP.
Solution
As the captive portal/authentication page redirection involves hijacking the client's original TCP and HTTPS/HTTP request, it is similar to a man-in-the-middle attack even though it is for good intentions.
When the captive portal authentication is enforced, the user gets the certificate of the FortiGate because of this browser is gives us the certificate warning because of CN name or SAN name mismatch. For the HTTP sites, because of the common name mismatch between the site requested by the client and the certificate provided by the controller during the redirection of the captive portal, a security warning may appear as follows:
Troubleshoot:
Related article:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.