On 03/04/14 23:59, Sam Fakhreddine wrote:
Hello,
I have been trying to use a Trusted CA to sign our freeradius server.
The certificates are installed, the key, cert, the root chain all in their appropriate PEM files.
The devices try to get the certificate that we specify; However, whenever we try to connect with an iOS device or Windows we get an error saying that the identity cannot be verified.et
Do you get an error, or a prompt to trust the root for that connection? If you get an error, you've done something wrong. Either not installed the root at the client correctly, or not served the server and all intermediate certs from FreeRADIUS. I guess it's also possible the server cert is not valid wireless i.e. lacks the magic OIDs. See here: http://wiki.freeradius.org/config/Certificates If you get a prompt to trust the root, that's normal and can only be worked around by further telling the client in advance that the specific root is trusted for the specific connection.