cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Chris Nelson <cnelson AT ceg-uk.com>
- To: "A.L.M.Buxey AT lboro.ac.uk" <A.L.M.Buxey AT lboro.ac.uk>
- Cc: "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
- Subject: RE: [[cat-users]] Cat Tool now not authenticating users
- Date: Tue, 5 Apr 2016 08:57:32 +0000
- Accept-language: en-GB, en-US
Hi Alan,
Thank you so much for this!
Had totally forgotten about the live login test and I would have seen what
you pointed out of the externally signed wildcard cert.
With seeing this, I thought this had been set up on the externally facing
proxy but after further checking it had been installed on the actual radius
server for some reason.
Tested with the live test and it's working fine so just need to test at a
campus.
Thanks again.
Chris Nelson
-----Original Message-----
From:
A.L.M.Buxey AT lboro.ac.uk
[mailto:A.L.M.Buxey AT lboro.ac.uk]
Sent: 04 April 2016 20:31
To: Chris Nelson
<cnelson AT ceg-uk.com>
Cc:
cat-users AT lists.geant.org
Subject: Re: [[cat-users]] Cat Tool now not authenticating users
Hi,
> Hopefully you can help with this.
> We did have eduroam working with android and ios devices but now it seems
> that when requests are coming through, something has changed and the
> requests are failing.
> Looking at our set up we have the cn of the authentication server set as
> CBBH-DC-02.ceg.local
> The current car cert file is still current but authentication requests
> are
> failing.
check what your eduroamCAT profile looks like - the CA, the CN etc
(ceg.catscollege.com CA with your .local RADIUS server cert) versus what
your RADIUS server is actually handing out when you authenticate against it -
your production box has got a GoDaddy Root CA, intermediate and a wildcard
RADIUS server cert (the first two appear to have the BEGIN CERTICATE on same
line as /OU+CN stuff which is a bit messy.
as Stefan said, someones made a change without adjusting the other thing -
your current RADIUS server is only SHA1 and expires on Jul 25 07:41:16 2016
so something to be getting ready for anyway.
alan
____________________________________________________________
This e-mail and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom
they are addressed.
If you have received this e-mail in error please notify the
originator of the message.
Any views expressed in this message are those of the individual
sender, except where the sender specifies and with authority,
states them to be the views of Cambridge Education Group.
Scanning of this message and addition of this footer is performed
by Sophos E-mail Filter appliance in conjunction with
virus detection software.
CT
- [[cat-users]] Cat Tool now not authenticating users, Chris Nelson, 04/04/2016
- Re: [[cat-users]] Cat Tool now not authenticating users, Stefan Winter, 04/04/2016
- Re: [[cat-users]] Cat Tool now not authenticating users, A . L . M . Buxey, 04/04/2016
- RE: [[cat-users]] Cat Tool now not authenticating users, Chris Nelson, 04/05/2016
Archive powered by MHonArc 2.6.19.