Certificate Warning

A certificate warning appear when end users are redirecting with an HTTPS request.

If end user enters an HTTPS URL through the browser manually, one certificate warning message will be expected to be seen in the UE browser.

The RUCKUS One portal uses a certificate of ruckuswireless.com. RUCKUS One needs to complete the SSL handshake before sending a 302 redirect response to the UE. Because the FQDN (common name) in the certificate is impossible to match to the URL that the UE tries to visit, the browser will display a certificate warning.

To avoid certificate warning messages, major operating systems already have built-in mechanisms to detect captive networks and sending HTTP requests (not HTTPS), so that users can be redirected to a portal page automatically without any certificate error.

Apple iOS Captive Network Assistant (CNA) sends HTTP requests to some static URLs to detect the captive portal.
Android devices detectes these issues by sending HTTP requests to http://clients3.google.com/generate_204.
Windows 10 sends HTTP requests to http://www.msftncsi.com/ncsi.txt to detect the captive portal.

Note: URLs may vary based on different software releases.

In any case, user devices display a message and redirect users to the portal page with HTTP requests instead of HTTPS requests. No certificate warning will be shown if the UE is redirected automatically by the operating system.