iOS and OSX issues
mus3 at lehigh.edu
Wed Feb 26 19:25:38 CET 2020
It was my understanding the TLS certificate "825 day" and now "~390 day"
requirement was for safari only, not for the .1x supplicant
On Wed, Feb 26, 2020 at 11:58 AM Alan DeKok <aland at deployingradius.com>
> If people are having issues with iOS and OSX getting online, you should
> check out Apples new guidelines:
> Even if your certificates meet those criteria, they *might* still be
> rejected. If so, you should do some tests with the "example.com"
> certificates that the server builds in raddb/certs. Use a test machine
> (not the production RADIUS server!) and figure out if the certificates are
> accepted by iOS.
> If so, then you may have to get new production certificates which more
> closely match the test ones.
> iOS and OSX are "black boxes", and do NOT give useful information as to
> why they rejected the certificate. If they did, it would be a simple
> matter to fix the offending field.
> Instead, Apple punishes everyone for their own laziness. :(
> Alan DeKok.
> List info/subscribe/unsubscribe? See
Senior Network Engineer
munroe at lehigh.edu
More information about the Freeradius-Users