SSL certificates for internal and external DNS


I am trying to use a valid SSL certificate on a captive portal implementation. Due to the limitation that you cannot get a valid SSL certificate for internal IPs, I need you guys to validate my thoughts.

Here are my ideas:

  1. Get a valid domain name from GoDaddy or whatever (something like captiveportals.com).
  2. Use a subdomain for every captive portal gateway, e.g.: gateway1.captive....
  3. Buy a valid SSL certificate for each gateway.

I know this is OK, but...

My question:

On the captive portal I have an internal DNS with an internal IP, for example 192.168.1.10 mapped to gateway1.captiveportals.com.

That same domain has an external IP for management purposes... using Google DNS, for example, gateway1.captiveportals.com resolves to the public IP.

Question: is the SSL certificate still valid for internal users using the internal DNS?

For validation of the certificate, what matters is that the hostname in the URL matches the subject(s) of the certificate. It does not matter which IP address the hostname resolves to.

But, since you are trying to use the certificate in a captive portal: the TLS certificate of the captive portal can be used to access the portal directly, but it cannot be used to redirect other HTTPS requests to the portal. For example, if the certificate is for captive.example.org and the user tries to access https://www.example.com, and the access gets redirected to the captive portal, certificate validation will fail because the name in the URL does not match the certificate's subject.
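
The name check described in the answer above, as an added example that is not part of the original question or answer. The matcher is a simplified version of the usual dNSName comparison, and the public address 203.0.113.10 and the certificate name list are constructed sample values.

```python
# Added example, not from the original post. Hostnames, IPs and certificate
# name lists are constructed sample values.

def dns_name_matches(pattern: str, host: str) -> bool:
    """Compare one certificate dNSName entry with the hostname from the URL."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False  # a wildcard covers exactly one label, never several
    if p[0] == "*":
        # Simplification: accept a wildcard only as the whole left-most label
        # and only when at least two fixed labels follow it.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def client_accepts(url_host: str, resolved_ip: str, cert_names: list[str]) -> bool:
    """Name check a TLS client performs on the server certificate.

    resolved_ip is accepted only to show that it plays no part in the decision.
    """
    return any(dns_name_matches(name, url_host) for name in cert_names)


GATEWAY_CERT = ["gateway1.captiveportals.com"]  # names in the gateway's certificate

SCENARIOS = [
    # (description, hostname in URL, IP the client connected to)
    ("internal DNS answer", "gateway1.captiveportals.com", "192.168.1.10"),
    ("public DNS answer", "gateway1.captiveportals.com", "203.0.113.10"),
    ("intercepted HTTPS request", "www.example.com", "192.168.1.10"),
]


def run_scenarios() -> dict[str, bool]:
    """Return, per scenario, whether the client accepts the gateway certificate."""
    return {desc: client_accepts(host, ip, GATEWAY_CERT) for desc, host, ip in SCENARIOS}


if __name__ == "__main__":
    for desc, ok in run_scenarios().items():
        print(f"{desc:28} -> {'certificate accepted' if ok else 'name mismatch'}")
```

The first two scenarios differ only in the resolved address and both pass; the third connects to the same internal address as the first and fails, because the hostname in the URL is not in the certificate.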