Hello everybody, I have a question and hope you can help me. I have set up a captive portal and everythings works fine like I planned it. But there is one issue I ran into, that I didn' t plan with. If the traffic which triggers the captive portal is https traffic, then we get a certificate warning. Let me explain this: 1) I join the captive portal based wlan 2) I open a browser and surf to https://www.google.com 3) I get a certificate warning in the webbrowser 4) If I ignore this warning I' am redirected to the captive portal 5) If I authenticate myself with correct credentials I will be redirected to the original website. The thing is, that I want to get rid of the certificate warning. I found this little config switch wich allows me to choose the certificate I want to use: config user setting set auth-cert xxx end I tried it with our official thawte certificate but that didn' t help. So I tried some other certificates (but this will only help our employees and not other guests) but this didn' t work either. And then I found this page: http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30760&sliceId=1&docTypeID=DT_KCARTICLE_1_1&dialogID=38506158&stateId=0 This was nearly the situation that I have. So I tried this setting, because this could be a win win situation (it could solve my problem and could help to increase the security level of my guest wlan). config user setting set auth-secure-http enable end Sadly, I now get redirected to the gateway IP and STILL get a certificate warning (cause there is no matching certificate which includes the gateway ip). So I' am stuck here. Cause I can' t use this setting: config firewall policy edit <my_policy_ID> set auth-redirect-addr " my.fortigate.com" next end This is because we use address based policies and no identity based policies. So I' am searching for another way to get rid of the certificate warning for _all_ users. Is there anyone who might help me?