Hi Mike, does IOS 5.1 finally support PEAP-TLS?
Best regards, Alex Am 2012-02-09 14:08, schrieb Mike Puchol: > Hi all, > > I'm testing EAP-PEAP with an iPad running iOS5.1, and even though I'm > using an SSL certificate from Digicert, signed using SHA-1, and Digicert > being on the list of trusted CAs by iOS (I even checked the serial > number, which is good), I get the following on the iPad's debug console: > > Feb 9 14:02:08 Mikes-iPad kernel[0] <Debug>: > AppleBCMWLANCore::setCIPHER_KEY() [eapolclient]: type = CIPHER_PMK, > index = 0, flags = 0x0, key lenght 0, key rsc lenght 0 > Feb 9 14:02:08 Mikes-iPad eapolclient[149] <Notice>: > peap_verify_server: server certificate not trusted, status 3 0 > Feb 9 14:02:08 Mikes-iPad Preferences[93] <Warning>: > -[WiFiManager(Private) _enterpriseAssociationResult:withInfo:]: User > Information required > Feb 9 14:02:10 Mikes-iPad eapolclient[149] <Notice>: > peap_verify_server: server certificate not trusted, status 3 0 > Feb 9 14:02:16 Mikes-iPad eapolclient[149] <Notice>: > peap_verify_server: server certificate not trusted, status 3 0 > > The iPad then shows up an "Add certificate" dialog, but with a big red > button and the text "Not verified". My guess is that it's trying to > check a CRL, but of course, being still offline, this cannot be done. > > Has anyone successfully connected an iOS5 device using EAP without "bad > certificate" warnings? As clarification, I'm not using provisioning > profiles, so the iPad doesn't "know" the network when it first connects > to it. > > Cheers, > > Mike > > > _______________________________________________ > radiator mailing list > radiator@open.com.au > http://www.open.com.au/mailman/listinfo/radiator *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien Handelsgericht Wien, FN 79340b *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* Notice: This e-mail contains information that is confidential and may be privileged. If you are not the intended recipient, please notify the sender and then delete this e-mail immediately. *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"* _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator