We have recently had a ruckus wireless network installed. Everything from the AP's to the pair of ZD3050's configured as a smart-redundant pair is working well, except for the captive portal.
We have 2 SSID's set up to authenticate separate captive portals from separate auth servers. It is functional to some degree however we are having problems with certificates.
We purchased a cert (wifi.domain.ac.uk) from Janet which comes in 2 parts, intermediate CA and the device CA itself. They both load onto the ZD fine, but when we try to access the login page from a mobile device or laptop then we get a certificate error, even though when we access the URL from a machine inside the network, everything is green.
There are 2 possibilities as far as i can see. using the command below we only get the intermediate cert back, not the full chain >> openssl s_client -check wifi.tower.ac.uk:443 Which returns this:
--- CONNECTED(00000003)depth=0 C = GB, ST = London, L = LONDON, O = Tower Hamlets College, CN = wifi.tower.ac.uk verify error:num=20:unable to get local issuer certificate verify return:1 . . . --- Certificate chain 0 s:/C=GB/ST=London/L=LONDON/O=Tower Hamlets College/CN=wifi.tower.ac.uk i:/C=BM/O=QuoVadis Limited/CN=QuoVadis Global SSL ICA G2 ---