...
You should see an output like {"href":"./","http://letswifi.app/api#2": if the webserver is running OK internally. You should also be able to reach your server with a browser. Next, try to check the metadata with https://YOUR-ADDRESS/simplesamlphp/module.php/saml/sp/metadata.php/default-sp?output=xhtml. At this point, please obtain and install a server certificate for your web server. The configuration file is named found at /etc/apache2/sites-enabled/letswifi-portal.conf.
At this point you may find out that the SimpleSAMLphp version that your OS comes with is too old. Please download a new one and install it. Copy the apache.conf of the newly installed SimpleSAMLphp to the /config - directory and take it into use at /etc/apache2/conf-available with
...
If you want to change the validity of the issued certificates, you can do this by updating the column default_validity_days in the table realm_signer in the letswifi.sqlite database.
If you want to have the letswifi-portal sign the installer file, you can set signing.cert to a file containing the signing certificate and the corresponding key:
| Code Block |
|---|
'signing.cert' => '/data/certificate.pem'; |
This will only work for the mobileconfig files, which are used on MacOS. On Windows, you'll use the geteduroam installer which is already signed. MacOS shows a warning if the profiles are not signed. The signing certificate can be any certificate signed by a publicly trusted authority.
Connecting to a RADIUS server
...