SearchSearch   ProfileProfile   Log inLog in   RegisterRegister 

login-Page on https / ssl-certificate
Goto page Previous  1, 2
 
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum
View previous topic :: View next topic  
Author Message
medzoom



Joined: 27 Dec 2011
Posts: 45
Location: Austria

PostPosted: Wed Feb 21, 2018 10:02 am    
Post subject:

dear Alan,

here are the screenshots. I use Android 7.0

[img]https://at.cloud.fabasoft.com/folio/public/1niodv3wkh5c81dzkyenmfegu3
[/img][url][/url]
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Wed Feb 21, 2018 10:19 am    
Post subject:

A bit hard to see since it is not in English.

Please note that the cert you purchased can only eliminate the warning in the FirstSpot login page itself. If the device initially access https (e.g. https://www.t-mobile.at), FirstSpot redirect will still trigger a SSL warning. This is just the limitation of captive portal based system as FirstSpot needs to intercept the https traffic.

Note almost all devices automatically captive portal detection (e.g. Android, iOS captive network support) will initially access http to prevent this SSL warning from happening.
_________________
~ Patronsoft Limited ~
Back to top
medzoom



Joined: 27 Dec 2011
Posts: 45
Location: Austria

PostPosted: Wed Feb 21, 2018 11:03 am    
Post subject:

here are the screenshots in English

https://at.cloud.fabasoft.com/folio/public/278bcdo5k56qg2pdq5k6mst1yz

There I see
1) cipher is obsolate?
2) server-certificate is not trusted? Mybe the ca.cert I put wrong? Or the ca.cert can't be read?
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Wed Feb 21, 2018 11:07 am    
Post subject:

Is h2ohotel.at your current FirstSpot login page URL? Again, the cert can only encrypt the FirstSpot login page.
_________________
~ Patronsoft Limited ~
Back to top
medzoom



Joined: 27 Dec 2011
Posts: 45
Location: Austria

PostPosted: Wed Feb 21, 2018 11:13 am    
Post subject:

yes I did h2ohotel.at as my login-page. And I did the SSL-registration for that domain officially and was registered by godaddy.com

; Private gateway domain name
gateway_domain=h2ohotel.at

; Show IP or domain name in URL (0:IP, >0:DN)
show_domain_URL=1
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Wed Feb 21, 2018 11:16 am    
Post subject:

It is a bit hard to see in the mobile phone.

Can you use Windows PC, and use IE to trigger the problem and post the screenshot?
_________________
~ Patronsoft Limited ~
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Wed Feb 21, 2018 11:32 am    
Post subject:

Looks like you are still using our self-sign certificate. Make sure you select "Use 3rd-party SSL certificates" under Authentication Server tab, and then restart FirstSpot.
_________________
~ Patronsoft Limited ~
Back to top
medzoom



Joined: 27 Dec 2011
Posts: 45
Location: Austria

PostPosted: Wed Feb 21, 2018 11:42 am    
Post subject:

here are the screenshots from Windows7 (only german!)

According to the Translation by internet, the error should be

Quote:
This CA Root certificate is not trusted because it is not in the Trusted Root Certificate Authorities store.



https://at.cloud.fabasoft.com/folio/public/0yazcmi4mvgpo27stipqmq69sh
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Wed Feb 21, 2018 11:43 am    
Post subject:

Please see my previous comment.
_________________
~ Patronsoft Limited ~
Back to top
medzoom



Joined: 27 Dec 2011
Posts: 45
Location: Austria

PostPosted: Wed Feb 21, 2018 12:03 pm    
Post subject:

I have restarted, but it is still the same error Shocked

I have checked, the ca.cert on the Server, it is the correct from godaddy.com

[url]GoDaddy Certificate Bundles - G2 With Cross to G1, includes Root[/url]

Quote:
GoDaddy Certificate Bundles - G2 With Cross to G1, includes Root
Back to top
medzoom



Joined: 27 Dec 2011
Posts: 45
Location: Austria

PostPosted: Wed Feb 21, 2018 12:04 pm    
Post subject:

https://certs.godaddy.com/repository

and before, I switched off an on again. both switches are set
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Wed Feb 21, 2018 12:57 pm    
Post subject:

Did you apply all the steps in chapter 5 of firstspot_guide.pdf? Also, can you post the section related SSL in config.ini here?
_________________
~ Patronsoft Limited ~
Back to top
medzoom



Joined: 27 Dec 2011
Posts: 45
Location: Austria

PostPosted: Wed Feb 21, 2018 1:55 pm    
Post subject:

yes - pages 42+43 as written. I needed to use 256 bit encryption.

Code:

; port used by ssl site
;
ssl_port =5789

;use 3 party ssl cert 0=yes 1=no
ssl_cert=0

;secure socket layer for authentication
;443 for enabled SSL, auth_port=ssl_auth_port for disabled ssl
ssl_auth_port=443
Back to top
alan
Forum facilitator


Joined: 26 Sep 2003
Posts: 4435

PostPosted: Wed Feb 21, 2018 2:14 pm    
Post subject:

Did you see any error message when you run those commands?

Can you run those commands again (please capture the output this time)?
_________________
~ Patronsoft Limited ~
Back to top
medzoom



Joined: 27 Dec 2011
Posts: 45
Location: Austria

PostPosted: Thu Feb 22, 2018 12:33 pm    
Post subject:

sorry.. it was the incorrect my-server.key file, which I had in the conf-folder. I corrected to the right my-server.key-file and now the SSL works without any error Smile

best regards...
Back to top
Display posts from previous:   
Post new topic   Reply to topic    FirstSpot Forum Index -> Pre-sales Support Forum All times are GMT
Goto page Previous  1, 2
Page 2 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group