Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
cbevilaqua
New Contributor

Fortigate External captive portal ERR_CERT_AUTHORITY_INVALID

Hello,

 

We have set a external captive portal that uses some external resources (cdn, etc...)

When the user connects to the wireless network, the captive portal is triggered but fails to load some assets due to ERR_CERT_AUTHORITY_INVALID error. The strange thing is that some resources load, others didn't, for example ([link]https://www.google-analytics.com[/link] loads while https://cdn.zooxwifi.com not and both items are present in the walled garden and are using HTTPS).

Have you some idea of what could this be?

 

Thanks!

 

1 REPLY 1
mahff
New Contributor II

Hi, 

Hello,

The warning message seen on Android devices upon connecting to an external captive portal might stem from the system identifying potential SSL/TLS certificate-related security concerns. Here are steps to mitigate this issue:

  1. Verify Certificate Trustworthiness: Android alerts may appear if your captive portal's HTTPS certificate isn't recognized as trustworthy, or if there's a discrepancy in the certificate's details. Make sure your certificate is endorsed by a reputable Certificate Authority (CA) and all information, such as the domain name, is accurately reflected.

  2. Assign a Domain Name to Your Fortigate: Utilizing a domain name for your Fortigate, instead of an IP address, can help in eliminating these alerts. This ensures your SSL certificate is thoroughly validated.

  3. Certificate Installation on Fortigate: It's necessary to install the SSL certificate on your Fortigate device to address this issue effectively.

  4. Activate HTTPS Redirection: Implementing HTTPS redirection on your Fortigate unit is crucial for preventing browser warnings. This guarantees that every connection is securely transitioned to HTTPS.

The provided documentation on How to enable HTTPS Redirection to avoid web browser warning - Fortigate offers comprehensive instructions for setting up HTTPS redirection. This includes detailed steps for correctly configuring your SSL certificate, ensuring secure access to your captive portal.

 

Best regards,

Mahff

Labels
Top Kudoed Authors