Navigation
https redirect problem
Tue, 11/09/2010 - 16:24 — fcolista
Hi, i'm new here.
I would like to do a bug report, but i don't find where i can post.
Anyway:
An https webpage request made before a redirect, cause a non-redirect to captive portal.
I'm going to explain better the behaviour:
if i digit www.google.it, i'm going to be redirected to captive portal login page, because i'm not an authenticated user.
But if i require a page in HTTPS instead HTTP, the redirection does not work.
Wrong i something? Or is a but? I'm using CoovaChilli 1.2.4.
Thanks.
- Login to post comments
not good news
read this:
http://www.linkedin.com/groups/Hello-All-help-https-redirection-158903.S...
greez,
sky...
Hi All,
I've the same problem.
Is there any solution for this?
I tried to search for this, but I didn't find any solution.
Thanks,
Gabor
You might want to post some
You might want to post some details of your setup, config file, and start chilli in forground debug mode to get more onfo.
Also if you are running a web sever (apache etc) you might want check its log files..,
hw: ubnt
I use CoovaAP on a Ubiquitu Airrouter.
one more thing
The chilli don't redirect me to the uamportal if I remove these options:
uamuissl
redirssl
sslkeyfile /etc/persistent/site_key.pem
sslcertfile /etc/persistent/site_cert.pem
some info
Hi,
Some related configuration info:
hs.conf:
....
uamuissl
redirssl
sslkeyfile /etc/persistent/site_key.pem
sslcertfile /etc/persistent/site_cert.pem
....
So in this case, if I went to a https site, this is redirecting my request, but the browser show up an error message, because the chilli reply with my self-certificated certification.
If I run the chilli with showing the debug information I see it (for ex. https://facebook.com):
dns.c: 204: 0 (Debug) DNS: facebook.com
dns.c: 204: 0 (Debug) DNS: facebook.com
ssl.c: 408: 0 (Debug) no SSL certificate
redir.c: 2028: 0 (Debug) No data in HTTP request!
redir.c: 3326: 0 (Debug) Error calling get_req. Terminating -1
I checked the ssl.c source file, and here it is the related if statement:
peer_cert = SSL_get_peer_certificate(c->con);
if (peer_cert) {
..issue a lot of things..
} else {
log_dbg("no SSL certificate");
}
What do you think?
Thanks,
Gabor
From the above there doesn't
From the above there doesn't appear to be an ssl certificate actually installed.
valid cert
Hi,
Thanks your reply.
I think the certificate and the key file is valid, and the chilli could load those.
Just because when I remove the related files from the persistent directory, the service said those are missing.
Yesterday I installed a valid certification which authorized by a valid authorization company. (90days trial)
But the problem still exists. So the client laptop connect to the AP, and if I try to navigate to an https:// site, the browser warn me bacause of the certificate is valid but for an other site (what I setup when I requested the certification).
In my opininion that is because the service try to download the original site's certificate, but it failed as that tell me on the log files, and in this case the service provide the client with my own certificate.
What do you think?
I try to recompile the binary with some debug information to my airrouter, but I haven't find any how-to for 5.3.x SDK.
Does anybody use this function succesfully? So Coova-chilli, remote authentication (local portal site disabled), and https:// website redirection.
Thanks in advance,
Gabor
Same issue here
Hi,
I experience the same issue. Did you ever find a solution?
Thanks in advance for your help.
Same issue
i have the same error... some fixes ?
The same for me
Hi,
I'm against the same problem :
We have a certificate for our domain (the domain where user is redirected for authentification), wich is a authorized certificate.
But the browser try to associate this certificate with the requested domain (ie: https://www.google.com).
Something is wrong for me, i don't understand .... because it's impossible to authenticate all requested domains. Can someone explain a good way to do it ? Is someone succeed on doing it ? I really have a doubt on this !
thx.