Hi all!

I have a problem with Windows 11 (and also some recent versions of Windows 10).

Apparently, when they try to connect to a managed SSID with WebAuth locally on the WLC, they get this screen:

Doing a "debug web-auth redirect enable mac", I get these logs:

* webauthRedirect: Feb 28 15: 38: 17.757: 80: 19: 34: e0: 89: f4- Web-auth type Internal, no further redirection needed. Presenting defualt login page to user

* webauthRedirect: Feb 28 15: 38: 17.757: 80: 19: 34: e0: 89: f4- added redirect =, URL is now https://guest.candy.it/login.html?
* webauthRedirect: Feb 28 15: 38: 17.757: 80: 19: 34: e0: 89: f4- str1 is now https://guest.candy.it/login.html?redirect=ctldl.windowsupdate.com/msdownload/ update / v3 / static / trustedr / en / disallowedcertstl.cab? f81ef29b3f20f822
* webauthRedirect: Feb 28 15: 38: 17.757: 80: 19: 34: e0: 89: f4- clen string is Content-Length: 398

* webauthRedirect: Feb 28 15: 38: 17.757: 80: 19: 34: e0: 89: f4- Message to be sent is
HTTP / 1.1 200 OK
Location: https://guest.candy.it/login.html?redirect=ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/disallowedce
* webauthRedirect: Feb 28 15: 38: 17.757: 80: 19: 34: e0: 89: f4- 200 send_data = HTTP / 1.1 200 OK

It is possible that they are linked to the Windows Automatic Root Certificates Update service, as described in the paragraph "How to Disable / Enable Automatic Root Certificates Update in Windows?" of the following page?

http://woshub.com/updating-trusted-root-certificates-in-windows-10/