EAP SSL Cert "Not Trusted"

Trevor Jennings Trevor at simple101.com
Wed Jun 14 17:19:35 CEST 2017


Thanks for the quick reply!

We are using Thawte which Apple devices already trust (These are more
common devices on our network).

Are you referring to configuration profiles that are setup on the clients?

Cheers,

 - Trevor


On Wed, Jun 14, 2017 at 11:01 AM, Matthew Newton <
matthew at newtoncomputing.co.uk> wrote:

> On Wed, Jun 14, 2017 at 10:56:10AM -0400, Trevor Jennings wrote:
> >  We have several freeradius servers with a valid certificate for EAP.
> When
> > the clients first log in via wifi, they are presented with a certificate
> > "Not Trusted" warning, even though that certificate is signed by a
> trusted
> > CA. Is this the expected behavior?
> >
> > Is this because we are missing a piece that is required by the client to
> > trust this certificate?
>
> Make sure the root CA for the server certificate is installed in
> the correct place on the client devices.
>
> Also, if they are running Windows, make sure you've also got the
> correct extension OIDs (e.g. TLS Web Server) in the server certificate.
>
> You shouldn't get a warning each time you connect or if you change
> the server certificate.
>
> --
> Matthew
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html


More information about the Freeradius-Users mailing list