Hi all,
We want to set up a captive portal for guest users, on our FortiNAC. We're currenty using a selfsigned certificate, issued by our internal CA. When we connect to this portal using domain computers, this seems to work fine because the CA is trusted. But when external consultants want to connect to the portal, they're getting an SSL error in their browser because the certificate isn't trusted.
We do have a wildcard certificate for our external (public) hostname, issued by an external CA, but I suppose we can't use this certificate for our portal?
Thanks for feedback!
Hello
For NAC portal you should use public certificate. This is the normal usage, otherwise as you can see all guests will have SSL error.
A wildcard certificate can be used for the Captive portal service, some details are shown in this section of the guide.
Just make sure to use a FQDN that is a subdomain of the wildcard domain in Portal > Portal SSL configuration.
User | Count |
---|---|
2624 | |
1390 | |
804 | |
667 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.