It should work like you said. But this sounds really confusing: “Note that clients will be forced to use HTTPS on *all URLs*”. Unfortunately I can’t test it on Lets-encrypt because my domain is private (local) but I will test it with openssl.
wt., 2 paź 2018 o 23:32 Eric Naujock <naujo...@gmail.com> napisał(a): > Actually I am not yet using packet fence so I am not yet certain on > details. But based on my experience with this stuff I would have the > following expectations. > > When a new device appears on the network and tries to go out they will > redirect the web traffic to the captive portal. The captive portal will > take the traffic and authenticate the machine. Then it will redirect the > user back to the site they were originally going to(or the portal drop-off > url). The http(s) for the captive portal is only relevant for the portal > and after your traffic will go to whatever port is specified with the > specified protocol. > > You just want to use Certbot with lets-encrypt to get you certificate for > the portal. > > On Oct 2, 2018, at 4:48 PM, Cezary Barciński <cbarcin...@gmail.com> wrote: > > Hello, Thank you for your answer. > > Yes, I didn’t go through the SSL certificate and LetsEncrypt sounds grate, > I totally forgot about that project. Need to try that. > > I was convinced that packetfence generates self-signed certificate > automatically and after turning on HTTPS option I would have to accept that > cert in a web browser and would be able to see the portal login page. > > I’m also afraid about this: > > “Force the captive portal to use HTTPS for all portal clients.Note that > clients will be forced to use HTTPS on all URLs.This requires a restart of > the httpd.portal process to be fully effective.” > > Does it mean that when I implement SSL and turn the HTTPS option on, users > won’t be able to browse classic HTTP websites? What about other services > like internet radio, games etc? > > Best regards > > wt., 2 paź 2018 o 15:42 Eric Naujock <naujo...@gmail.com> napisał(a): > >> Good morning, >> I just notices your message and I am betting that you will need to setup >> a SSL certificate for this secure server portal website. Do you have a >> signed (LetsEncrypt or similar) certificate for this site? If not you will >> need to get one. Then you will likely not get those errors and your portal >> will work for the duration of the certificate. For testing you could make a >> self signed certificate but most browsers will have a fit with those. >> >> On Oct 2, 2018, at 3:34 AM, Cezary Barciński via PacketFence-users < >> packetfence-users@lists.sourceforge.net> wrote: >> >> Hello, >> >> I have a question or problem (packetfence 8.1 in inline mode): >> >> How to make packet fence guest authentication based on HTTPS instead of >> HTTP ? >> >> When I disable “Secure redirect” in Configuration>Advanced Access >> Configuration>Captive Portal all is good but then users have to register >> with HTTP. >> >> When I enable “Secure redirect” and unregistered user is trying to >> register, opens a web browser, and a website opens with certificate error. >> Can’t even to get to registration page, Can’t even add an exceptions in >> Mozilla. >> >> Can you help? >> >> THX >> _______________________________________________ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/packetfence-users >> >> >> >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
