iOS doesn't trust server certificate signed by intermediate issuer
Hans-Christian Esperer
hc at hcesperer.org
Fri Dec 4 09:59:59 CET 2020
On Thu, Dec 03, 2020 at 04:22:52PM -0500, Alan DeKok wrote:
> For security, iOS doesn't trust *any* certificate. All 802.1X clients should behave this way. But Android doesn't, likely for ease of use. Which means it's relatively easy to do nothing, and have your credentials go to a random server.
Hmm, I was at a coworking space some time ago and they had an EAP/PEAP secured
network there. Just out of curiosity I tried to log in with my macbook (latest
mac os) and to my surprise I did *not* get a certificate warning. I concluded
that for probably a bit more money you could get certificates that are accepted
by default by supplicants, but I didn't check further. Could this be so?
HC
More information about the Freeradius-Users
mailing list