Captive Portal

I've had m0n0wall in place as a captive portal gateway for some time now.  With the implementation of the voucher system, it provided exactly what I was looking for an much cheaper that the $5000 Cisco solution.

Now that I've had it in place for a while, I'd like to implement authentication against our active directory environment for our employees, while maintaining the voucher system for visitors.

Step one would be implement a signed certificate for https from a trusted provider so that we don't get the annoying browser pop-ups common to self-signed certs and we're not transmitting domain credentials via plain text.  Step two would then be a redirect on the http side to the https side.  I've implemented multiple certs based upon the .cer sent the the ssl provider and they send you back the key to import and you're golden.  However m0n0's implementation is just different enough to leave me wondering how I go about installing a commercial cert?  Are there preferred providers that are known to work with m0n0?

I've STF'd here and the mailing lists, and there are several incomplete posts asking exactly this same thing.  So does anyone have ssl working on m0n0?  Is there a quick setup guide somewhere that would get me going?

Thanks in advance!

m0n0wall doesn't include a facility for generating private keys and CSRs, so you'll have to generate the key and CSR on another machine, send it to the CA to get the certificate, and then install the certificate + private key on your m0n0wall.

You could follow the instructions for Apache (http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html) - it's the same thing. Just make sure that the private key you copy to m0n0wall is not encrypted.