About the only way I can think of is to install a profile (.mobileconfig) which
> Trevor Jennings wrote:
[...]
> On OSX, the certificates are marked as valid, including the root, intermediate
> and server, but still prompts the user to accept. Is there a way around this?
pre-approves the use of that certificate authority.
Reason being, if you just
accept any old certificate authority any compromised certificate will work, and
on newer OSX/iOS the only way to check the certificate subject for the name
of your RADIUS server.
[...]
(Incidentally this is why many environments do not like having Android devices
on their wireless LANs since they don't have any such native options accessible
from the UI or even a decent way to distribute profiles.
Heck they don't even fake it by making the first certificate they see sticky.