Visitors get SSL warnings on guest Wi-Fi, especially on iPhone.
A captive portal on plain HTTP or with a self-signed cert throws a red SSL warning on modern iOS, Android and macOS, or never pops up at all. People do not click through and you get 'the Wi-Fi is broken' tickets. Fix: a real domain with a valid certificate, not an IP address.
Try this first
- 1Create a subdomain like wifi.company.com and point it in DNS to the portal server or controller IP.
- 2Get a Let's Encrypt cert for that subdomain and automate renewal, never manual.
- 3Set the controller's captive-portal URL to https://wifi.company.com, not to an IP. iOS literally checks for a valid hostname with a valid cert.
- 4Test on iPhone, Android and MacBook after the change, each has its own captive portal detection and may react differently.
- 5Avoid MITM-style HTTP redirects on the gateway, those throw cert errors on HTTPS sites and burn trust.
When to bring us in
You run an on-prem portal with an internal cert: that does not work for external visitors, switch to a public certificate or a hosted portal vendor.
See also
- Wi-Fi drops randomly across the officeFirst rule out whether it is the access points or the internet connection itself. Different fix.
- One room or corner has no or bad Wi-FiNot always "add another AP"; often one is poorly positioned, or there is a metal wall in the way.
- Internet is suddenly slow for everyoneThree suspects: your provider, a colleague soaking the line, or a backup or update kicking in unexpectedly.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.