3rd-party certificates in FR3

[Ivan Strelnikov]

Thank you for the answer, Alan!

Please, comment if i were mistaken or not:
I have intermediate ca certificate as ca.pem and private+device's 
scertificate as server.pem.
Am i right or i should take whole chain to ca?
device -> intermediate -> root ca?

The main problem is that the Apple devices in the wireless connecting 
dialog still writes "Untrusted" certificate.
Even if my root ca is in white list of Apple.

So, i don't want to creates bundles of wi-fi profile to Apple or install 
my radius' certificate.
I will appreciated if there is some opportunities to do so.
Thank you.

02.09.2015 1:32, Alan DeKok пишет:
> On Sep 1, 2015, at 5:59 PM, Иван Стрельников <i.n.strelnikov at gmail.com> wrote:
>> And i want to realize next scheme:
>> cisco wlc wi-fi -> freeradius -> mysql db.
>> It's all ok with db, i just want to clear out the messages to end user
>> about radius certificate.
>> So, i want use a certificate, which root ca will be in apple\android's
>> certificate stores.
>> Maybe geotrust, maybe other.
>> I didn't find how it should to install and i need help here.
>    The certificates are just files on disk.  Change them.
>
>    Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html