Just curious, for those running a supplicant configuration utility, why are you
using a public CA-signed EAP server certificate?
On 7/31/18, 4:21 PM, "The EDUCAUSE Wireless Issues Constituent Group Listserv
on behalf of Charles Rumford" <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU on behalf of
charl...@isc.upenn.edu> wrote:
On 07/31/2018 04:18 PM, Michael Dickson wrote:
> Hi Charles,
>
>
> What do you mean by "we ended up configuring all of the intermediate
certs"? Do
> you mean you are now pushing all certs down to the client during the
JoinNow
> process?
Yes. We ended up, just for Windows, pushing all of certs down to the
clients. It
was the only way we could get the profile to work.
>
>
> We are also running EAP-TTLS/PAP with JoinNow with a cross-signed double
> intermediate cert. I haven't heard of any issues yet but want to get in
front of
> any that might crop up..
>
>
> Thanks,
> Mike
>
> Michael Dickson
> Network Engineer
> Information Technology
> University of Massachusetts Amherst
> 413-545-9639
> michael.dick...@umass.edu
> PGP: 0x16777D39
>
>
>
>
--------------------------------------------------------------------------------
> *From:* The EDUCAUSE Wireless Issues Constituent Group Listserv
> <WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Charles Rumford
> <charl...@isc.upenn.edu>
> *Sent:* Tuesday, July 31, 2018 12:24 PM
> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
> *Subject:* Re: [WIRELESS-LAN] Issues with Windows 10
>
> On 07/30/2018 01:09 PM, Turner, Ryan H wrote:
>> From SecureW2:
>>
>> The issue is noticed when the RADIUS server cert is signed by AddTrust
External CA Root (Cross signed by USERTrust RSA Certification Authority) and
with the recent windows 10 update. We are looking into this and should be able
to provide you an update.
>>
>
> We ended up configuring all of the intermediate certs, and it solved the
problem.
>
>
> --
> Charles Rumford
> Senior Network Engineer
> ISC Tech Services
> University of Pennsylvania
> OpenPGP Key ID: 0x173F5F3A (2018/07/05)
>
>
> **********
> Participation and subscription information for this EDUCAUSE Constituent
Group
> discussion list can be found at http://www.educause.edu/discuss.
>
> ********** Participation and subscription information for this EDUCAUSE
> Constituent Group discussion list can be found at
http://www.educause.edu/discuss.
>
--
Charles Rumford
Senior Network Engineer
ISC Tech Services
University of Pennsylvania
OpenPGP Key ID: 0x173F5F3A (2018/07/05)
**********
Participation and subscription information for this EDUCAUSE Constituent
Group discussion list can be found at http://www.educause.edu/discuss.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/discuss.
