Server certificate renewal

douglas eseng douglas.eseng at gmail.com
Sun Jan 10 12:25:07 CET 2016


Not strictly freeradius issue, perhaps those on the list have insight on
the issue.

Using freeradius for PEAP authentication, server cert is signed by
private CA. We don't use profile to install the CA cert onto iOS devices.

After renewal of server cert, existing iOS devices ask user to again trust
the cert. Is this normal behaviour? Since it was a renewal, would have
thought it is recognized as the same cert and remain trusted.

Anyone know once user trusted the cert, what digest/fingerprint of the cert
does IOS remember? Unable to find info on this from Apple's site.

Thanks.


More information about the Freeradius-Users mailing list