This document describes why Apple iOS clients (iPhone and iPad) cannot access the Public Spot login page via HTTPS and how to correct this.

A LANCOM device with the Public Spot option comes with its own SSL certificate, which names the certificate issuer as LANCOM Systems. However, this certificate is not from a recognized issuer.

For this reason, some clients—such as iOS devices—do not trust certificates from unknown issuers and will refuse to connect to them.

Option 1:

By default, the setting under Public Spot -> Authentication -> Protocol of login page for HTTP - Public Spot login and state pages are not encrypted during transfer is enabled. The login to the Public Spot is conducted via HTTP.

Option 2: It is possible to purchase an SSL certificate from a recognized issuer (such as VeriSign) and upload it to the LANCOM device that operates the Public Spot.

1) Connect to the router via the web interface (WEBconfig) and switch to the menu File management -> Upload certificate or file.

2) Upload this SSL certificate to the device.

    We recommend you obtain and upload the certificate as a PKCS#12 file, as it contains all of the necessary components (private key, root CA and SSL certificate) and greatly simplifies the operation.

3) Using LANconfig, open the configuration for the LANCOM router.

4) Navigate to the menu Public Spot -> Server -> Operational settings.

5) Under Device hostname, enter the Certificate Name (CN).

6) Change to the menu IPv4 -> DNS -> Host names.

7) In the table Host names, enter the Certificate name set in step 5 and the IP address of the Public Spot gateway.