Skip to Content.
Sympa Menu

cat-users - Re: [[cat-users]] Eduroam CAT Tool Configuration

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

Re: [[cat-users]] Eduroam CAT Tool Configuration


Chronological Thread 
  • From: Stefan Winter <stefan.winter AT restena.lu>
  • To: Venkat Reddy Banda <venkat.banda AT lsbm.ac.uk>, "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
  • Subject: Re: [[cat-users]] Eduroam CAT Tool Configuration
  • Date: Mon, 13 Nov 2017 13:09:39 +0100
  • Openpgp: id=AD3091F3AB24E05F4F722C03C0DE6A358A39DC66; url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

Hello,

> Thanks for the reply.
>
> We are listed on https://cat.eduroam.org. Currently we are testing the
> tool.
>
> The question I have is : Which CA files I need to upload in to tool.
>
> Our Server certificate is from https://www.thawte.com/. I have uploaded CA
> certificates from this site. When it comes to authentication on the server
> its rejecting.
>
> I thought there is something in the tool I have misconfigured. Could you
> help us?

There are many CA certificate in Thwate's portfolio.

You only need to upload

a) the (one) root CA certificate that issued your server cert
b) optionally, but recommended, all the intermediate CAs that make up
the certification path from said root CA to your server cert.

If you'd post the "Subject" part of your server cert (or send the entire
thing, please WITHOUT the private key of course) then it's fairly simple
to look up which CAs you need.

Even though I'm surprised you weren't given those certificates on the
same download page that gave you the server cert itself - all these
belong together.

Greetings,

Stefan Winter

--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature




Archive powered by MHonArc 2.6.19.

Top of Page