cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

526
Views
5
Helpful
3
Replies
SMD28316
Beginner

ISE Guest certificate is not valid on android devices

I'm having an issue with wireless guest access for android devices, whenever I try to access the guest portal I get this alert in the browser:

 

Connection not private Something is interfering with your Wi-Fi network's security. If you continue, your data may be vulnerable to attackers.

 

I can click on continue and no error messages appear, but I don't think this is a normal behavior, as I have a valid certificate that is signed publicly by DigiCert. I have renewed this certificate since few weeks ago, then I started seeing the alert.

 

My search had led me to this defect CSCvm10640, it's related to BYOD and I'm not sure if it's related to my issue.

1 ACCEPTED SOLUTION

Accepted Solutions
Arne Bier
VIP Advisor

Hello @SMD28316 

 

I had a similar thing recently and it turned out that the Android devices didn't connect because the portal cert had a wildcard in the SAN. Normally this is okay and has always worked. We had to purchase new certs that contained the FQDNs in the SAN and then those Android devices connected without complaints.

We had another group of Android Devices from Oppo (a brand) that didn't associate to the open SSID unless we enabled 802.11r (Fast Roaming) - that was weird. Now I enable 802.11r jst in case and no more complaints. Android is dragging us into the 21st century kicking and screaming!

 

 

 

android1.PNG

 

android2.PNG

View solution in original post

3 REPLIES 3
Marcelo Morais
Advocate

Hi @SMD28316 ,

 an error message appears after you click Continue, for example:

NET::ERR_CERT_COMMON_NAME_INVALID

NET::ERR_CERT_AUTHORITY_INVALID

 This error can give you a hint of the problem.

 

Hope this helps !!!

There is no error message after clicking on continue

Arne Bier
VIP Advisor

Hello @SMD28316 

 

I had a similar thing recently and it turned out that the Android devices didn't connect because the portal cert had a wildcard in the SAN. Normally this is okay and has always worked. We had to purchase new certs that contained the FQDNs in the SAN and then those Android devices connected without complaints.

We had another group of Android Devices from Oppo (a brand) that didn't associate to the open SSID unless we enabled 802.11r (Fast Roaming) - that was weird. Now I enable 802.11r jst in case and no more complaints. Android is dragging us into the 21st century kicking and screaming!

 

 

 

android1.PNG

 

android2.PNG

View solution in original post

Create
Recognize Your Peers
Content for Community-Ad

ISE Webinars



Did you miss a previous ISE webinar?

CiscoISE YouTube Channel