Hello there, The only solution is have a proper chain of trust.
You could provision a configuration to trust your certificate chain or used a already trusted Root CA or Sub CA on the devices specially on Android. Thanks, Ludovic Zammit Product Support Engineer Principal Lead Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On Dec 7, 2024, at 9:10 AM, Thirunavukkarasu Palanisamy via PacketFence-users > <packetfence-users@lists.sourceforge.net> wrote: > > This Message Is From an External Sender > This message came from outside your organization. > Hi Friends, > > Configured the PacketFence with MS AD and Google Secure LDAP > > We are using the EAP-PEAP (MS AD) and EAP-TTLS (LDAPs) for authentication > But we are facing issues in configuring the IOS/MacOS devices and the Android > devices > CA Certificate- No option to "Do Not Validate" in the Android? > IOS/MacOS - ??? > > Ensuring your WiFi network is ready for Android 11 QPR1 security update > Most organisations with 802.1x WiFi networks are still using > relatively-ancient legacy EAP methods (such as PEAP and EAP-TTLS) and > credentials. The security update is intended to force organisations to update > their Android security through a process of eliminating the ‘do not validate’ > option when prompted for CA Certificate details in the dropdown menu for > network settings. > “The last thing that organisations need is to return to business to discover > they can no longer connect to their WiFi network. This could be catastrophic > for organisations who do not take proactive action immediately, as wireless > connectivity has become a cornerstone of most organisations,” says Andre > Kannemeyer, CTO for Duxbury Networking. > (https://www.itweb.co.za/content/mYZRXv9alK3vOgA8 > <https://urldefense.com/v3/__https://www.itweb.co.za/content/mYZRXv9alK3vOgA8__;!!GjvTz_vk!Su5-nMODkrmqXoa8-lyIZAh6ad3ApYYSjXAo33fWcwibIMS83uuoPpsq4IIIOekjTM09hZd_kdWnJq_rMbyrWaLp86FZeVL6dmhkkg$>) > > How to overcome the above issue as mentioned in the link? > > Thanks & Regards, > Thirunavukkarasu > Chennai > > --------------------------------------------------------------------------------- > TANUVAS > The contents of this message are confidential and are not be shared with > outside parties without prior permission > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > <mailto:PacketFence-users@lists.sourceforge.net> > https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!Su5-nMODkrmqXoa8-lyIZAh6ad3ApYYSjXAo33fWcwibIMS83uuoPpsq4IIIOekjTM09hZd_kdWnJq_rMbyrWaLp86FZeVLTU398kg$
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
