• 4
name

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191

Backtrace:

File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

Redirecting HTTPS traffic without certificate errors

I have a captive portal that I'm attempting to redirect HTTPS traffic to my portal - preferably without the certification warning from redirecting https traffic.

E.G

User attempts to access https://google.co.uk
User is not validated.
User gets redirected to https://portal.com via the router

As it currently stands the user is redirected to a certification warning, ie

"this certificate is not trusted"

Apparently this issue can be bypassed by providing a SSL certificate. People online seem to say they own both https:// websites (ie portal.com and google.co.uk).

Question: Are the people who are bypassing the issue of the SSL certificate error providing the certificate for the initially requested website, or the portal which they redirected to?

      • 1
    • I'm really not sure if there's a question, here... or just statements. Can you restate it so you indicate what you're trying to do, what you expect, and what you're seeing?
    • Still a bit unclear... in current context, an untrusted certificate means that the certificate chain in the browser is not valid ... generally because the root certificates can't be shown to validate the certificate presented by the website itself.
User attempts to access https://google.co.uk
User is not validated.
User gets redirected to https://portal.com via the router

Redirects are done at the HTTP level, i.e. after the encrypted connection was successfully established. This means that you would first need to have a successful TLS handshake. And for this you would need to have a certificate for google.co.uk - which you cannot get since you don't own the domain. You can create such a certificate by yourself with your own CA but then you would need to make the clients first somehow trust your CA. This is possible inside some company where you have control of the clients systems but not for the usual captive portals where you don't have control of the client.

Or in other words: it is impossible to build a captive portal which redirects access to https links for arbitrary clients without causing certificate errors at the client. It is only possible to build such a portal if you can control the clients, like inside a company.

  • 5
Reply Report

Trending Tags