Macs started using ocsp by default in the latest release. The servers
used aren't in the default allowed hosts list for the
unauthenticated/temp roles.
Try adding the ocsp.* host entries for your cert provider in the
unauthenticated and temp roles. This cleared up the problem for us (CCA
4.8.2).
--
Don
On 7/9/2012 11:07 AM, Kelly Slone wrote:
I have noticed the same issue with a new cert we have installed for our guest
wireless implementation of ISE. The "invalid certificate issuer" error is
only seen from clients running 10.7.x Lion that are using Safari. We do not
see this issue on ipads, iphones, windows machines, or other OS X versions
even including the latest developers seed of 10.8 Mountain Lion.
Thank you,
Kelly Slone, B.S., MCP
Telecom Specialist II
Marshall University Computing Services
Drinko Library DL 434A
Office: 304-696-6109
Helpdesk: 304-696-3200
[email protected]
