Hi, so you are providing off-campus eduroam service for some, perhaps Ljubljana-based, University or research institution? (Which is a good thing to do, if you have many of their users on your own campus and want to give them easy, secure access.) On 12.01.22 19:18, Alan DeKok wrote:
If the Mac systems get a certificate popup, then they aren't configured to accept the cert / CA presented by the other server. The solution is to configure the Mac systems to know about those certs.
This is the way to go, of course. Take a look at https://cat.eduroam.org There are ~30 Institutions listed for Ljubljana -- pretty impressive TBH. Your partner might be among them. If so, configuration should be easy: Fire up Safari on the client and import their .mobileconfig. This _should_ configure the client correctly. Just make sure _all_ manual and/or profile configs for eduroam are purged from the client before -- and a reboot after deletion is a good idea. Do other clients (Linux, Windows, iOS, Android) fare any better? You might want to access the remote FR 2.1 with eapol_test to see what it actually delivers, cf. http://deployingradius.com/scripts/eapol_test/ Good Luck Martin -- Dr. Martin Pauly Phone: +49-6421-28-23527 HRZ Univ. Marburg Fax: +49-6421-28-26994 Hans-Meerwein-Str. E-Mail: pauly@HRZ.Uni-Marburg.DE D-35032 Marburg