The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Stefan Winter <stefan.winter AT restena.lu>]

Hi,

> Hmm, well in lieu of any other options, it seems I am stuck with advising 
> our Android users not to update with the new CAT config until after we 
> make the certificate change in a couple of weeks, rather than gradually 
> preparing them now by being able to support both certs.  Our support desk 
> are going to rejoice at that prospect.

I share(d) your pain - we rolled over to a new root CA a week ago.

Since Android only allows exactly one CA certificate to be configured by
API, all our users had to keep using the old config until switchover,
and only after that (when we updated CAT config) could install the new one.

For all other platforms, we were able to send people to config download
in advance, which obviously is much better helpdesk-wise (and in that
specific case, *I* was the helpdesk :-((( ).

In that light, it doesn't matter much when you also change the server
name: since the new CA requires a flag day for Android anyway, you can
just as well change both at the same time.

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature