Skip to Content.
Sympa Menu

cat-users - Re: [[cat-users]] Configure CAT with RADIUS proxy servers?

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

Re: [[cat-users]] Configure CAT with RADIUS proxy servers?


Chronological Thread 
  • From: Tomasz Wolniewicz <twoln AT umk.pl>
  • To: cat-users AT lists.geant.org
  • Subject: Re: [[cat-users]] Configure CAT with RADIUS proxy servers?
  • Date: Thu, 13 Jul 2017 13:06:08 +0200

Hi John,
in principle intermediate certificates are not needed if your RADIUS
server sends them during the TLS negotiation. Still I believe we did
discover some strange behaviour of certain devices when intermediate
certificated were not installed, cannot remember what it was, but
probably someone on this list will.
Anyway keeping the intermediate definitely does not do any harm.
Tomasz


W dniu 13.07.2017 o 12:45, John Horne pisze:
> On Wed, 2017-07-12 at 21:26 +0000, John Horne wrote:
>
>> On Wed, 2017-07-12 at 18:57 +0200, Tomasz Wolniewicz wrote:
>>> Hi John,
>>> you need to add the UserTrust root to CAT CAs, CAT will then set the
>>> tick in the trusted CAs in the Windows profile.
>> The usertrust root is already in the CAT profile (both of the intermediates
>> and the root were shipped up to the CAT website at the same time). The
>> usertrust root is the 'AddTrust External CA Root'.
> Hi,
>
>
>
> Well this morning I deleted the usertrust and addtrust certificates from the
>
> windows 7 client. I then deleted the Windows eduroam profile from the
> client,
>
> and downloaded/installed CAT again. It logged into our eduroam network with
> no
>
> problems :-)
>
>
>
> Checking the certificates on the Windows client shows that the addtrust root
>
> certificate is installed (and ticked as trusted), but the usertrust RSA
>
> intermediate cert is not installed. I guess it's not required, but I have
> left
>
> it in the CAT profile.
>
>
>
> Anyway, things seem to be working now. Thanks to all for your help,
>
>
>
>
>
>
>
> John.
>
>
>
> --
>
> John Horne | Senior Operations Analyst | Technology and Information Services
>
> University of Plymouth | Drake Circus | Plymouth | Devon | PL4 8AA | UK
>
> ________________________________
>
> [http://www.plymouth.ac.uk/images/email_footer.gif]<http://www.plymouth.ac.uk/worldclass>
>
>
>
> This email and any files with it are confidential and intended solely for
> the use of the recipient to whom it is addressed. If you are not the
> intended recipient then copying, distribution or other use of the
> information contained is strictly prohibited and you should not rely on it.
> If you have received this email in error please let the sender know
> immediately and delete it from your system(s). Internet emails are not
> necessarily secure. While we take every care, Plymouth University accepts
> no responsibility for viruses and it is your responsibility to scan emails
> and their attachments. Plymouth University does not accept responsibility
> for any changes made after it was sent. Nothing in this email or its
> attachments constitutes an order for goods or services unless accompanied
> by an official order form.
>
> To unsubscribe, send this message:
> mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
>
> Or use the following link:
> https://lists.geant.org/sympa/sigrequest/cat-users
>

--
Tomasz Wolniewicz

twoln AT umk.pl
http://www.home.umk.pl/~twoln

Uczelniane Centrum Informatyczne Information&Communication Technology Centre
Uniwersytet Mikolaja Kopernika Nicolaus Copernicus University,
pl. Rapackiego 1, Torun pl. Rapackiego 1, Torun, Poland
tel: +48-56-611-2750 fax: +48-56-622-1850 tel kom.: +48-693-032-576


Attachment: smime.p7s
Description: Kryptograficzna sygnatura S/MIME




Archive powered by MHonArc 2.6.19.

Top of Page