Solved: Re: When is bug CSCuw70713 expected to be fixed?

matthen · ‎08-18-2017

When is bug CSCuw70713 expected to be fixed? My customer is asking for a date.

Thanks,

Matt

hslai · ‎08-18-2017

Please discuss enhancements with our PM team.

M. Wisely · ‎08-18-2017

The enhancement bug is listed as terminated which means that nothing more is going to happen with it. There is a workaround listed:

Use http with the sponsor portal fqdn to get around this problem.

matthen · ‎08-18-2017

Wouldn't using http leave a security gap because the session wouldn't be encrypted? If I'm an employee using the sponsor portal to register a guest, don't I risk passing my credentials in the clear over the network?

Thanks,

Matt

M. Wisely · ‎08-18-2017

ISE redirects from http to https when I go to the sponsor portal fqdn so your credentials are still protected.

dazza_johnson · ‎08-20-2017

Unless I am missing something here, just add the sponsor portal FQDN to the admin certificate as a SAN. Thats what we do and it works great.

Go to https://sponsorportal > matches admin cert (as port 443) and the sponsorportal is listed in the admin cert as a SAN (DNS=sponsorportal). User then gets redirected to the https://sponsorportal:8443 > matches the sponsor portal cert (as 8443) where the sponsorportal is either the CN or in the SAN.

Works great.

hslai · ‎08-21-2017

Yeah, it works if the admin portal certificate can be used for the end-user facing portals. However, that defeats separate certificate purposes for portals.

hslai · ‎08-18-2017

Please discuss enhancements with our PM team.