EAP-TLS working but asking for cert

Alan Buxey alan.buxey at gmail.com
Mon Sep 25 22:10:59 CEST 2017

use a mobileconfig provisin for the iOS device

for the Linux box - its set to be stupidly insecure by default, you
need to configure the supplicant to only trust a particular CA
(the joy of Linux is that unlike eg iOS/OSX/Windows et al) there isnt
really a standard proper single CA location for all tools/OS to use -
a few
of them use the /etc/pki/ OpenSSL location, others use their own cert store.


On 25 September 2017 at 21:06, Chevalier Violet
<chevalier.violet at gmail.com> wrote:
> Hi all,
> Trying to get the hang of this EAP-TLS thing on my iPhone. I did finally
> get a p12 cert working on my phone. But now when I connect, it asks me to
> trust a cert.
> I've tried installing the ca.pem and the ca.der on my iPhone several times
> now, no luck.
> Similarly, when I connect via Linux, I'm able to do so without showing my
> ca.pem. But Linux doesn't ask me to trust a cert--any clues what's going on?
> Let me know if there are config file I can help you have?
> CV!
> --
> "Do not speak, unless it improves on silence."  -- Buddha
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list