It will attempt to find where the PF portal is by performing a plain HTTP request, then using the Location header to know what domain name the portal uses in order to perform a validated TLS connection to fetch the profile.
This has been tested with a registration VLAN and in Cisco web-auth and will work with any web-auth that uses a Location header to redirect to the portal
This also now implies that the agent only works with PF servers that use a valid SSL certificate on their portal
This adds validation of the profile server cert.
It will attempt to find where the PF portal is by performing a plain HTTP request, then using the Location header to know what domain name the portal uses in order to perform a validated TLS connection to fetch the profile.
This has been tested with a registration VLAN and in Cisco web-auth and will work with any web-auth that uses a Location header to redirect to the portal
This also now implies that the agent only works with PF servers that use a valid SSL certificate on their portal