Captive/Self-signed

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
#1
Hi, is there anything you've observed around switching from existing router network  over to keexy, on the same wifi SSID? On my iOS devices, the first time switching over to captive join of that SSID, it doesn't work well, and I had to disconnect and reconnect a couple times to get it to work, and at one point it complained about a "privacy" warning on the connection, alluded to self-signed. After forgetting connection and re-entering it, it went fine. It seems like a caching issue. I'm going to have many people reconnecting through Captive process to use our wifi, who will be on iOS devices, so I'm hoping there are some tips to make the process go more smoothly.  

Would a CA signed cert work much better?
Reply
#1
Hi, is there anything you've observed around switching from existing router network  over to keexy, on the same wifi SSID? On my iOS devices, the first time switching over to captive join of that SSID, it doesn't work well, and I had to disconnect and reconnect a couple times to get it to work, and at one point it complained about a "privacy" warning on the connection, alluded to self-signed. After forgetting connection and re-entering it, it went fine. It seems like a caching issue. I'm going to have many people reconnecting through Captive process to use our wifi, who will be on iOS devices, so I'm hoping there are some tips to make the process go more smoothly.  

Would a CA signed cert work much better?
Reply
#2
Keexybox uses a self-signed certificate to provide secure authentication for the WebUI. You can install your own certificate if you wish, but you have to connect in SSH on your raspberry and do some handling.

The key "keexybox.key" and the certificate "keexybox.crt" can be found in: /opt/keexybox/ssl. You can replace them if you want. Or if not, you can also adjust the certificate configuration in the Apache configuration "/etc/apache2/sites-enabled/000-default.conf"

Be careful, the "/etc/apache2/sites-enabled/000-default.conf" file can be overwritten when updating Keexybox. So keep a copy of your configuration file.
Reply
#2
Keexybox uses a self-signed certificate to provide secure authentication for the WebUI. You can install your own certificate if you wish, but you have to connect in SSH on your raspberry and do some handling.

The key "keexybox.key" and the certificate "keexybox.crt" can be found in: /opt/keexybox/ssl. You can replace them if you want. Or if not, you can also adjust the certificate configuration in the Apache configuration "/etc/apache2/sites-enabled/000-default.conf"

Be careful, the "/etc/apache2/sites-enabled/000-default.conf" file can be overwritten when updating Keexybox. So keep a copy of your configuration file.
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)