The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Fernando CALVELO VAZQUEZ <fernando.calvelo AT esrf.fr>]

Dear Stefan:

Thanks for your answer.

We are trying to delete this unusable "2nd certificate" present, but I get all the time this message while I try to access to Admin WebSite.....

• https://cat.eduroam.org --> Manage --> eduroam admin access.....
  

... and after a while it redirects to.....

Thanks beforehand for your reply.

Regards,

-- 
Fernando Calvelo.
_________________________________________________________
Fernando CALVELO - Computing Infrastructure group
E.S.R.F (European Synchrotron Radiation Facility)
71, Avenue des Martyrs, 38000 Grenoble, France
o email fernando.calvelo AT esrf.fr
o http://www.esrf.fr/
_________________________________________________________

On 18/03/2019 11:13, Stefan Winter wrote:

Hello,

Hello Geant Team, All our users at ESRF that install the eduroamCAT
application can not connect to the eduroam network. We are seeing the
certification installed by the eduroamCAT App is not the right one.
Attached it is the good certification: *ESRF_Ok_eduroamCert.pem* After
we manually install the certification to the phone (see attached) is
possible to connect to eduroam network. Could you please have a look?

Sure.

The CA data is curated by the organisation's eduroam administrators.

The data I found lists *two* CAs, one of which is the one you attached.

The other one is also a root CA, but it seems to be an old, discontinued
one. Subject: C = SE, O = AddTrust AB, OU = AddTrust External TTP
Network, CN = AddTrust External CA Root

On most Android versions, it is only possible to define *one* root CA as
trust anchor.

With the choice of two, apparently the wrong one is installed as a trust
anchor in this case.

If you are the admin and have access to the CAT administrator interface,
the trivial fix is to log into the admin interface and delete the old CA.

Greetings,

Stefan Winter