cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Stefan Winter <stefan.winter AT restena.lu>
- To: "Visser,Ramon R.D." <r.visser AT fontys.nl>, "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
- Subject: Re: [[cat-users]] ChromeOS eduroam CAT config
- Date: Thu, 31 Aug 2017 16:40:18 +0200
- Openpgp: id=AD3091F3AB24E05F4F722C03C0DE6A358A39DC66; url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
Hi,
thanks for the cert chain. That's indeed all in order.
So it really boils down to: did the ONC file import work, and did the
matching of the network in range to the configured one work.
Greetings,
Stefan
Am 31.08.2017 um 16:18 schrieb Visser,Ramon R.D.:
> Sorry Stefan, mail was sent to early.
>
>
>
> Wifi.fontys.nl cert details:
>
>
>
> Intermediate:
>
>
>
> root
>
>
>
> And Windows 10 client configured with CAT:
>
>
>
> Unfortunaltly I do not have an ChromeBook at the moment so hopefully
> next week.
>
>
>
> Best regards,
>
>
>
> Ramon Visser
>
>
>
> cid:image001.jpg AT 01D15E6A.34F41210 <http://www.fontys.nl/>
>
>
>
> *Ramon Visser **•* Virtueel Security Cluster Coordinator, Dienst IT
> *•*Fontys Hogescholen
> Het Eeuwsel 2, 5612 AS
> <http://www.fontys.nl/over.fontys/plattegrond.aspx?idgebouw=59>*•*Gebouw
> S1, kamer /flex *•*Postbus 347, 5600 AH Eindhoven
> r.visser AT fontys.nl
>
> <mailto:r.visser AT fontys.nl>+31618390398
>
> *Info: Vrijdag 1 september niet aanwezig*
>
>
>
>
>
> *Van:*Visser,Ramon R.D.
> *Verzonden:* donderdag 31 augustus 2017 16:11
> *Aan:* Stefan Winter
> <stefan.winter AT restena.lu>;
>
> cat-users AT lists.geant.org
> *Onderwerp:* RE: [[cat-users]] ChromeOS eduroam CAT config
>
>
>
> Hi Stefan,
>
>
>
> in the attachment the requested certs.
>
>
>
> I have to find an ChromeBook to give you the exact details.
>
>
>
>
>
>
>
> Ramon Visser • Virtueel Security Cluster Coördinator, Dienst IT • Fontys
> Hogescholen
>
> Het Eeuwsel 2, 5612 AS • Gebouw S1, kamer /flex • Postbus 347, 5600 AH
> Eindhoven
>
> r.visser AT fontys.nl<mailto:r.visser AT fontys.nl>+31618390398
>
>
>
>
>
> -----Oorspronkelijk bericht-----
> Van: Stefan Winter
> [mailto:stefan.winter AT restena.lu]
> Verzonden: donderdag 31 augustus 2017 15:51
> Aan: Visser,Ramon R.D.
> <r.visser AT fontys.nl
>
> <mailto:r.visser AT fontys.nl>>;
> cat-users AT lists.geant.org
>
> <mailto:cat-users AT lists.geant.org>
> Onderwerp: Re: [[cat-users]] ChromeOS eduroam CAT config
>
>
>
> Hello,
>
>
>
>> We have an question about de configuration file for ChromeOS
>
>> devices.>> In the IdP we configured the EAP details for this profile:>
>
>> Although after downloading and importing the .ONC (see attachment)
>
>> into an ChromeOS device the CA fields are empty and not containing the
>
>> specific information about the publisher of our radius wifi.fontys.nl
>
>> certificate:
>
>>
>
>> Is this correct?
>
>
>
> No, it's not: after installing the ONC file and clicking on the network
> for the first time, you should see a pre-filled form which only misses
> username/password settings.
>
>
>
> It looks like the ONC file was either not imported correctly (you can
> verify by looking at the list of "Preferred Networks" - eduroam should
> be in that list once you installed the ONC file), or for some reason
> ChromeOS thinks that the network you are connecting to does not match
> the one configured (e.g. we install eduroam as WPA2 network - if the
> network is a, shudder, WEP network, it is too different to be considered
> a config match).
>
>
>
> So, can you please find out if eduroam is in the list of preferred
> networks after installation?
>
>
>
> Also, independently of the issue at hand, are you sure that this CA is
> really the one that has issued your server certificate? I believe the
> "Assured ID Root CA" issues client certificates for email signing
> (S/MIME), but no server certificates. If you want to, you can send me
> the server cert off-list (NOT the key of course). I tried to grab it via
> EAP from the @fontys.nl eduroam server, but it seems to be an MS IAS
> which rejects me before it even sends a certificate.
>
>
>
> Greetings,
>
>
>
> Stefan Winter
>
>
>
> --
>
> Stefan WINTER
>
> Ingenieur de Recherche
>
> Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
> de la Recherche 2, avenue de l'Université
>
> L-4365 Esch-sur-Alzette
>
>
>
> Tel: +352 424409 1
>
> Fax: +352 422473
>
>
>
> PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
> recipient's key is known to me
>
>
>
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
>
> ========================================================== Op deze
> e-mail zijn de volgende voorwaarden van toepassing:
> http://www.fontys.nl/disclaimer The above disclaimer applies to this
> e-mail message.
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette
Tel: +352 424409 1
Fax: +352 422473
PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
Attachment:
0x8A39DC66.asc
Description: application/pgp-keys
Attachment:
signature.asc
Description: OpenPGP digital signature
- [[cat-users]] ChromeOS eduroam CAT config, Visser,Ramon R.D., 08/31/2017
- Re: [[cat-users]] ChromeOS eduroam CAT config, Stefan Winter, 08/31/2017
- RE: [[cat-users]] ChromeOS eduroam CAT config, Visser,Ramon R.D., 08/31/2017
- RE: [[cat-users]] ChromeOS eduroam CAT config, Visser,Ramon R.D., 08/31/2017
- Re: [[cat-users]] ChromeOS eduroam CAT config, Stefan Winter, 08/31/2017
- RE: [[cat-users]] ChromeOS eduroam CAT config, Visser,Ramon R.D., 08/31/2017
- RE: [[cat-users]] ChromeOS eduroam CAT config, Visser,Ramon R.D., 08/31/2017
- Re: [[cat-users]] ChromeOS eduroam CAT config, Stefan Winter, 08/31/2017
Archive powered by MHonArc 2.6.19.