Cisco Wifi: Https encryption on open access wifi portal

We have an existing Cisco wifi setup to provide open access wifi.
The Open access wifi SSID and VLAN have direct access to the internet and use external DNS.

However since the most recent patch HTTPS has gotten enabled on the wifi authentication portal and now all of our users get a certificate error when trying authenticate to this page.

Is there anyway to turn HTTPS off on the portal page?
Otherwise how can I setup the certificate?
The wifi portal is pointing to IP 1.1.1.1 internally, I wouldn't think that you could get a certificate assigned to that IP?
LVL 1
PerimeterITAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Joey YungSenior Network EngineerCommented:
Apply the following command on WLC via CLI can disable the HTTPS web-auth:

config network web-auth secureweb disable

BTW, The below link can guide you how to make a certificate for web-auth:

https://supportforums.cisco.com/document/44866/how-make-web-auth-certificate-warning-go-away
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Craig BeckCommented:
The wifi portal is pointing to IP 1.1.1.1 internally, I wouldn't think that you could get a certificate assigned to that IP?
At the moment you can, by using a SAN certificate, but after November this year you'll have to use DNS and a public FQDN as internal domain suffixes (such as .local, .lan, etc) and private IP addresses (10.0.0.0/8, 172.16.0.0/14 and 192.168.0.0/16) will no longer be allowed in 3rd-party certificate fields.

To that end, Joey is right.  You will need to disable the secureweb option to enable you to use HTTP instead.  However, this is not available on all WLCs, especially if they are running legacy code.  As well as this, you may hit a bug where users can only use HTTP authentication if you also enable HTTP management on the WLC.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Wireless Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.