Per the IdentiFi Wireless Controller release notes for version 09.01.01.0228:
The internal Captive Portal can now be configured to use either http or https
To be clear, this refers to the client to controller communication within the Captive Portal, as the client logs in or clicks "Accept", "Submit", etc.
Previous versions ALWAYS used HTTPS communication, however that would produce an error message if there was not a signed CA certificate applied to the portal topology.
This is accomplished by unchecking the configuration box in the Captive Portal config screen. Select VNS, then choose the correct WLAN Service --> Auth & Acct tab and "Configure":