https UAM server - non https chilli

wlanmac wlan at
Wed Jun 18 16:05:33 UTC 2008

Personally, I use CoovaSX on my nokia instead of the browser to login. I
don't think using http is the right answer for many hotspots - perhaps
for some where account security isn't so important. 

You probably wouldn't get the error if you used the JSON interface or if
you always redirected the user to a 'start' page. If the user is
clicking on a http link from a https page (as opposed to being
redirected to http from a https URL), maybe you will not have the issue.


On Wed, 2008-06-18 at 17:46 +0200, Gunther Mayer wrote:
> lc wrote:
> > Hi,
> >
> > I noticed that especially the web-browser of Nokia products keeps 
> > complaining about switching from a secured to a non-secured website. 
> > This browser behaviour complicates the login for a user since he has 
> > to click through the warning message everytime he logs on.
> >
> > How do you deal with this? Using a non-https connection to the UAM 
> > server is not a real alternative, is it? Are there any known measures 
> > to avoid those warning messages?
> Thought about how to deal with this problem many times myself. Only 
> solution I can think of at this stage is to get a professionally signed 
> SSL certificate for your uamip (e.g. and run an ssl 
> tunnel in front of your chilli process (e.g. matrixtunnel). This 
> requires firmware changes though (if you use coova ap or any other 
> embedded platform).
> Gunther
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: chilli-unsubscribe at
> For additional commands, e-mail: chilli-help at
> Wiki:
> Forum:

More information about the Chilli mailing list