Re: using SSL certs with EAP-TLS
Again, all is working, but I'd like to get rid of the warning! Any help?
I also sent Matthieu an email offlist. After reading http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/iOS-quot-not... and https://discussions.apple.com/thread/5967450 I'm beginning to think: it can't be done, no warning on iOS. One will always get a certificate not verified warning upon the first connect in iOS. iOS's brother OS X is not complaining.
Hello,
After reading http://community.arubanetworks.com/t5/AAA-NAC-Guest-Access-BYOD/iOS-quot-not... and https://discussions.apple.com/thread/5967450 I'm beginning to think: it can't be done, no warning on iOS. One will always get a certificate not verified warning upon the first connect in iOS. iOS's brother OS X is not complaining.
The first link tells you quite clearly in one of the responses: "You will always get Not Verified unless you pre-configure clients with a profile. It's a normal part of the EAP server validation process. " And the person is right. So the solution is to create a configuration profile, push that to users, and then there will be no warning on the first Wi-Fi connection to your chosen network. That is not "It can't be done". Like Mathieu wrote, tools such as https://802.1x-config.org do exactly this job: fill in your EAP deployment details, and you'll get a re-usable configuration profile back. Greetings, Stefan Winter -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 2, avenue de l'Université L-4365 Esch-sur-Alzette Tel: +352 424409 1 Fax: +352 422473 PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's key is known to me http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
participants (2)
-
Stefan Winter -
Wouter