Mac osx authentication problems
Martin Pauly
pauly at hrz.uni-marburg.de
Sun Jan 23 22:23:47 UTC 2022
Hi,
so you are providing off-campus eduroam service for some, perhaps Ljubljana-based,
University or research institution? (Which is a good thing to do, if you have many
of their users on your own campus and want to give them easy, secure access.)
On 12.01.22 19:18, Alan DeKok wrote:
> If the Mac systems get a certificate popup, then they aren't configured to accept the cert / CA presented by the other server. The solution is to configure the Mac systems to know about those certs.
This is the way to go, of course. Take a look at https://cat.eduroam.org
There are ~30 Institutions listed for Ljubljana -- pretty impressive TBH.
Your partner might be among them. If so, configuration should be easy:
Fire up Safari on the client and import their .mobileconfig.
This _should_ configure the client correctly. Just make sure
_all_ manual and/or profile configs for eduroam are purged from
the client before -- and a reboot after deletion is a good idea.
Do other clients (Linux, Windows, iOS, Android) fare any better?
You might want to access the remote FR 2.1 with eapol_test
to see what it actually delivers, cf.
http://deployingradius.com/scripts/eapol_test/
Good Luck
Martin
--
Dr. Martin Pauly Phone: +49-6421-28-23527
HRZ Univ. Marburg Fax: +49-6421-28-26994
Hans-Meerwein-Str. E-Mail: pauly at HRZ.Uni-Marburg.DE
D-35032 Marburg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5391 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20220123/abe8bd2f/attachment.bin>
More information about the Freeradius-Users
mailing list