Skip to Content.
Sympa Menu

cat-users - [cat-users] Certificate Validation Issue

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

[cat-users] Certificate Validation Issue


Chronological Thread 
  • From: Kari Klesh <Kari.Klesh AT ufv.ca>
  • To: "'cat-users AT geant.net'" <cat-users AT geant.net>
  • Subject: [cat-users] Certificate Validation Issue
  • Date: Thu, 24 Jul 2014 22:26:50 +0000
  • Accept-language: en-GB, en-US
  • List-archive: <http://mail.geant.net/pipermail/cat-users/>
  • List-id: "The mailing list for users of the eduroam Configuration Assistant Tool \(CAT\)" <cat-users.geant.net>

Hello,

 

In the absence of our Institution’s eduroam CAT admin, we are seeking assistance with a recent issue.

Shane Schlosser is our admin at the University of the Fraser Valley and is off enjoying summer with his family. Sure enough, new Windows device users are now reporting certificate validation issues when using the CAT tool. Specifically:

Found Error Schannel 36882 
The certificate received from the remote server was issued by an untrusted certificate authority. Because of this, none of the data contained in the certificate can be validated. The SSL connection request has failed. The attached data contains the server certificate."

 

We are aware that they can use the network by not validating the certificate, but we want to re-establish security as soon as possible. Waiting 3 weeks for the return of our admin seems too long.

 

I see there is a way to verify the radius setup that will also test our cert chain, but we don’t have our admin’s login to the portal.

https://wiki.terena.org/display/H2eduroam/A+guide+to+eduroam+CAT+for+institution+administrators#AguidetoeduroamCATforinstitutionadministrators-VerifyingmyRADIUSsetup

and

https://wiki.terena.org/display/H2eduroam/A+guide+to+eduroam+CAT+for+institution+administrators#AguidetoeduroamCATforinstitutionadministrators-Step2:HowtologintoeduroamCAT?

 

Assuming that this verifies what we suspect, the next issue is we do not have access to the Radius server to  fix the certificate chain issue.

If I am making any sense at all I would appreciate any advice you have for proceeding with out our CAT admin.

 

Please and thank you,

Kari

 

Kari Klesh | Analyst, IT Systems

Information Technology Services | University of the Fraser Valley

Kari.Klesh AT ufv.ca | 604-557-4003

http://ehelpdesk.ufv.ca | http://www.ufv.ca

 




Archive powered by MHonArc 2.6.19.

Top of Page