I have a captive portal on my Wi-Fi using a self-signed certificate.
I installed the issuing (root) cert in the trusted cert store in Android under Settings > Biometrics and security > Other security settings > Install from device storage. I installed it twice - once for "VPN and apps" and another time for "Wi-Fi".
When I connect to the Wi-Fi and I get redirected to the captive portal, I get this error:
SSL certificate not trusted
The security certificate for this network is not from a trusted authority.
We do not recommend that you connect to this network.
Buttons: Cancel / Connect
I verified that the certificate was installed okay because if I connect to a different Wi-Fi without the layer 3 webauth and open up Google Chrome and go to a different website that chains up to the same cert I trusted, I see a green lock icon an don't get any certificate warnings.
My Android device is a Samsung Galaxy S8 running Android 9, kernel 4.4.153.