D
D
Dvach2021-08-10 11:29:53
Mikrotik
Dvach, 2021-08-10 11:29:53

I continue the final battle with Hotspot mikrotik. Why is there no certification path?

So, there is a page, there is a configured hotspot on Mikrotik. There is a wildcard certificate for example at *.example.com. The certificate is imported and selected. There is an entry for hotspot.example.com dns name in the server profile is correct. A record to the external address of the router. And everything works as it should with some devices. But on some devices (mostly Windows) - bowsers cannot find the certification path. Why is the certification path not defined in individual cases?

Answer the question

In order to leave comments, you need to log in

1 answer(s)
C
CityCat4, 2021-08-10
@Dvach

Because there is no publisher certificate in the root. Windows checks the certificate of the issuer of the checked certificate for the presence in the root store. If it is not a root itself (that is, it has its own publisher), then it checks it, and so on, until it reaches a certificate that is its own publisher :)
And all certificates in the chain must be present either in "Trusted Root Centers" or in "Trusted intermediate centers". On every device. For Windows, this is usually done by politicians.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question