SSL Certificate Captive Portal

I currently have my captive portal setup on my device, however, the issue I am running into is in using the default URL I am prompted with a security error for the SSL Certificate. Has anyone else had a workaround for this issue? I uploaded a locally certified OpenSSL certificate, but given that it isn’t a trusted certificate it didnt really resolve my problem. Any assistance is appreciated.

2 Likes

I am getting this issue too.

What firmware version are you running? If older it is likely this:
https://forum.peplink.com/t/known-issue-captive-portal-default-certificate-in-old-firmware-expired/25088

I’m updated to 8.0.2 it solved my issue. Thanks

Thanks Martin I did find this post and updated. Also changed the DNS. I will do more testing on Monday or later today. I’ll keep you posted and many thanks for your help!

1 Like

Anyone ever figure out what the root cause is here? I just bought a Pepwave Max Transit LTEA and am having this same issue. And I’m running 8.1.3 firmware version (just updated it).

Was this ever resolved? I am Seeing the same problem with the expired cert.

We see this pop up once maybe every two years. Not sure if it has to do with Peplink renewing licensing with their providers. We are waiting on a reply with the “why”. Upgrading firmware fixed it, but we would like to know what caused it so we can prevent it from shutting down our fleet wifi in another two years.

This is normal, and as of 2021 will happen every year, not every 2 years.

The TLS certificate authorities (CA) will now only sign certs for 397 days… (approx 1 year + 30 days. ) therefore Peplink needs to get a new SAN cert for captive-portal.peplink.com & www.captive-portal.peplink.com every year.

You can click on the lock icon when you are administering the box… you will see that 8.1.3’s cert will expire Thursday, March 3, 2022. the 8.2.0 cert expires Tuesday, November 29, 2022.

You can of course use your own URL and certificate, but that would still be a yearly process. (see Network-> Certificate Manager → Captive Portal SSL. )

So as soon as 8.2.0 is released you will need to update all of the devices before Mar 3 to not have an issue. If 8.2.0 isn’t ready, then they will have to issue a 8.1.4, where the only update is to the cert.

For anyone else seeing this issue, you need to be on at least 8.1.3.

2 Likes

I am seeing this issue on multiple devices now. The firmware is upto date.

1 Like

As I said the device firmware is up to date. Have a look into the below device it is definitely the latest available.

Panik_peplink.JPG

They are working on a 8.3.0 release with the new certs (look under Beta)… or you can open a ticket and they have some 8.2.1 versions with the new cert.