cat-users - RE: [[cat-users]] Android Connectivity using CAT

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

  • From: Jeremy Plumley <jmplumley AT gtcc.edu>
  • To: Stefan Winter <stefan.winter AT restena.lu>, "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
  • Subject: RE: [[cat-users]] Android Connectivity using CAT
  • Date: Thu, 22 Feb 2018 18:22:39 +0000

Yes, I have uploaded the root CA and the intermediate CA on our CAT profile.
I'm in the process now of seeing if I can combine the server and intermediate
together before applying it to my radius. How do I use the realm check
feature to see if that is my issue?

Jeremy Plumley
ITS Network Administrator
Ext 50024


-----Original Message-----
From: Stefan Winter [mailto:stefan.winter AT restena.lu]
Sent: Thursday, February 22, 2018 4:28 AM
To: Jeremy Plumley <jmplumley AT gtcc.edu>; cat-users AT lists.geant.org
Subject: Re: [[cat-users]] Android Connectivity using CAT

Hello,

Android has an ample selection of shortcomings to choose from :-)

Do you by any chance have a setup with an intermediate CA in addition to the
root CA?

And you have uploaded that intermediate CA into the CAT profile?

That's great and makes all the operating systems you listed above work.

Except for Android: it is not possible to install the intermediate CA
together with the root there.

For Android, you have to make sure that your RADIUS server sends the
intermediate CA together with the server cert during the EAP conversation;
otherwise Android cannot create the chain up to the root CA.

There should be a warning in the realm check feature about intermediate CAs
only being in configuration, but not in the EAP conversation if that is the
cause of the problem. Do you see that warning?

Greetings,

Stefan Winter

--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's
key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
E-Mail correspondence to and from this address may be subject to the North
Carolina Public Records Law and shall be disclosed to third parties when
required by the statutes (G.S. 132-1.)
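
What the reply above describes, as an added example that is not part of either message: a client that trusts only the root can validate the server certificate only when the intermediate arrives alongside it. The script builds a constructed three-tier PKI with openssl (all subjects and file names are made up for the demo) and checks a server-only file against a server-plus-intermediate file, with the root as the sole trust anchor.

```shell
#!/bin/sh
# Added example. All names, subjects and file names are constructed for the demo.

# build_demo_pki DIR: create root -> intermediate -> server certs plus two
# candidate files a RADIUS server could present during EAP.
build_demo_pki() {
    d=$1
    cat > "$d/x.cnf" <<'EOF'
[req]
distinguished_name = dn
[dn]
[ca]
basicConstraints = critical,CA:TRUE
[srv]
basicConstraints = CA:FALSE
extendedKeyUsage = serverAuth
EOF
    openssl req -x509 -config "$d/x.cnf" -extensions ca -newkey rsa:2048 -nodes \
        -keyout "$d/root.key" -out "$d/root.pem" -subj "/CN=Demo Root CA" -days 2 2>/dev/null
    issue "$d" int root ca "Demo Intermediate CA"
    issue "$d" srv int srv "radius.example.org"
    cat "$d/srv.pem" > "$d/server-only.pem"                # leaf alone
    cat "$d/srv.pem" "$d/int.pem" > "$d/server-chain.pem"  # leaf first, then intermediate
}

# issue DIR NAME ISSUER EXT_SECTION CN: new key and CSR, signed by ISSUER.
issue() {
    openssl req -new -config "$1/x.cnf" -newkey rsa:2048 -nodes \
        -keyout "$1/$2.key" -out "$1/$2.csr" -subj "/CN=$5" 2>/dev/null
    openssl x509 -req -in "$1/$2.csr" -CA "$1/$3.pem" -CAkey "$1/$3.key" -CAcreateserial \
        -extfile "$1/x.cnf" -extensions "$4" -out "$1/$2.pem" -days 2 2>/dev/null
}

# check_chain ROOT BUNDLE: succeed only if the first certificate in BUNDLE
# validates up to ROOT using nothing but the other certificates in BUNDLE,
# which is all a client that holds only the root can use.
check_chain() {
    openssl verify -CAfile "$1" -untrusted "$2" "$2" 2>/dev/null | grep -q ': OK$'
}

demo=$(mktemp -d)
build_demo_pki "$demo"
for f in server-only.pem server-chain.pem; do
    if check_chain "$demo/root.pem" "$demo/$f"; then
        echo "$f: chain builds from the root alone"
    else
        echo "$f: intermediate missing, a root-only client cannot build the chain"
    fi
done
rm -rf "$demo"
```

To check a real deployment offline, call `check_chain` with the institution's root CA file and the certificate file the RADIUS server is configured to present.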


