Mac osx authentication problems

Martin Pauly pauly at
Sun Jan 23 22:23:47 UTC 2022


so you are providing off-campus eduroam service for some, perhaps Ljubljana-based,
University or research institution? (Which is a good thing to do, if you have many
of their users on your own campus and want to give them easy, secure access.)

On 12.01.22 19:18, Alan DeKok wrote:
>    If the Mac systems get a certificate popup, then they aren't configured to accept the cert / CA presented by the other server.  The solution is to configure the Mac systems to know about those certs.

This is the way to go, of course. Take a look at
There are ~30 Institutions listed for Ljubljana -- pretty impressive TBH.
Your partner might be among them. If so, configuration should be easy:
Fire up Safari on the client and import their .mobileconfig.
This _should_ configure the client correctly. Just make sure
_all_ manual and/or profile configs for eduroam are purged from
the client before -- and a reboot after deletion is a good idea.
Do other clients (Linux, Windows, iOS, Android) fare any better?
You might want to access the remote FR 2.1 with eapol_test
to see what it actually delivers, cf.

Good Luck

   Dr. Martin Pauly     Phone:  +49-6421-28-23527
   HRZ Univ. Marburg    Fax:    +49-6421-28-26994
   Hans-Meerwein-Str.   E-Mail: pauly at HRZ.Uni-Marburg.DE
   D-35032 Marburg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5391 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the Freeradius-Users mailing list