cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
Re: [cat-users] Eduroam Configuration Assistant Tool: Error when changing CA Certificate File
Chronological Thread
- From: Stefan Winter <stefan.winter AT restena.lu>
- To: denis.mirassou AT univ-tlse3.fr, cat-users AT geant.net
- Subject: Re: [cat-users] Eduroam Configuration Assistant Tool: Error when changing CA Certificate File
- Date: Tue, 3 Nov 2015 13:45:06 +0100
- List-archive: <https://mail.geant.net/mailman/private/cat-users/>
- List-id: "The mailing list for users of the eduroam Configuration Assistant Tool \(CAT\)" <cat-users.geant.net>
- Openpgp: id=AD3091F3AB24E05F4F722C03C0DE6A358A39DC66; url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
Hi,
> The issue was that CAT doesn't recognized intermediate CA like TERENA
> SSL 3.
Oh, it recognised the intermediate CA as an intermediate CA just fine. :-)
The actual issue is that clients needs to be configured towards a trust
*root* CA - so that one needs to be uploaded.
> I uploaded the CA File from the issuer of TERENA SSL 3 : DigiCert
> Assured ID Root CA.
>
> So I have now 2 CA Files.
>
> And This worked.
>
> Sorry for bothering...
Glad things worked out for you,
Stefan
>
> Regards.
>
> DM
>
> On 03/11/2015 10:49, Denis Mirassou wrote:
>> Hello,
>>
>> Our CA has recently changed (TERENA SSL 2 --> TERENA SSL 3).
>> So I need to change CAT Profiles accordingly with this new CA.
>>
>> I have done it in the 'IdP wide settings' : OK
>>
>> But My Institution Profile get then invalid with theses mentions:
>> EAP Types (in order of preference):
>> PEAP-MSCHAPv2 Information needed!
>> CA Certificate File
>>
>> TTLS-MSCHAPv2 Information needed!
>> CA Certificate File
>>
>> TTLS-PAP Information needed!
>> CA Certificate File
>>
>>
>> But the CA file is already uploaded in the IdP Wide Settings section !
>>
>> I tried several things:
>> - Create a new profile from scratch
>> - Upload CA File in the profile itself (This overrides IdP Wide settings)
>> None of these are working.
>>
>> I am stucked.
>>
>> I joined some screenshots.
>>
>> Thanks for help.
>>
>> Regards,
>>
>> DM.
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette
Tel: +352 424409 1
Fax: +352 422473
PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
Attachment:
0x8A39DC66.asc
Description: application/pgp-keys
Attachment:
signature.asc
Description: OpenPGP digital signature
- [cat-users] Eduroam Configuration Assistant Tool: Error when changing CA Certificate File, Denis Mirassou, 11/03/2015
- Re: [cat-users] Eduroam Configuration Assistant Tool: Error when changing CA Certificate File, Denis Mirassou, 11/03/2015
- Re: [cat-users] Eduroam Configuration Assistant Tool: Error when changing CA Certificate File, Stefan Winter, 11/03/2015
- Re: [cat-users] Eduroam Configuration Assistant Tool: Error when changing CA Certificate File, Denis Mirassou, 11/03/2015
Archive powered by MHonArc 2.6.19.