cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Dylan Reeves <Dylan.Reeves AT sit.ac.nz>
- To: Vlad Mencl <vladimir.mencl AT reannz.co.nz>, "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
- Cc: Paul Gunn <paul.gunn AT reannz.co.nz>
- Subject: RE: [[cat-users]] CAT profiles not installing CA cert on Windows 10
- Date: Thu, 27 Feb 2020 02:48:08 +0000
- Accept-language: en-US
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=sit.ac.nz; dmarc=pass action=none header.from=sit.ac.nz; dkim=pass header.d=sit.ac.nz; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=HNNxtKWR3+kgntlJkWuSw9pPRKx87/it2XGTCjp59Is=; b=BL2zXBYHEkEKOO1gZMOwpIJ+g634yUvOBSlazKmh99EzCWj6N/C3N1tq+fYJKSSIT27BTWCWBdA/qH/cOIgG8qZKjcl45Q7X8d2cbqGjW09gLsE/oL3m5cA8jFe8S1F86vTu5iUW5zrXQxW2+/7CwBrhyp4ALfXSLVUd1iVEgu9Jo9pmt4Li5WmqyAPo4WptckhWTcM7PuIXfVQkzaaK7e3Wax8jjBlsi12lA4FfQrMzDSDtiF8cr88cnnB6FcnpNcmJeJavfrk3D/mjBUkpGKFX6QBZ33e7t25nw7j1Di34FN3TjTlsvgWJ/z+iUKa1rvxC3xAQTgOQZhvAJrmAaw==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=isfZsKB0nhOeej8iygGL4MI7OZsb3h/GLmec4zzoy4umV3GLauWATAQOaanH4gZvyD1ycWiLNdjzPS+HMteKH4iAdCc4o5kgDO4ly6oRur2GWRLS0pBIgeKoVWAB59coFmFupNyl8oF/kNwX6+32AwX/h/g7kCm38CYsDfwXo4cS2FgJRWiOQjYedZktkFg7S8n1u0mtiTZpr3khCd8+ffhGgxQsigeb/KVXd6C3ayS6p3IDgZNrRdsh+LCmmduSax0R1Qswy25PTEuXaSSQerniUSgcP8NDfRqbUuPEJqASRxtXtxLsCrTg9DKi7TjVU2fCCOSiWhIgjVKwysiUzw==
- Authentication-results: spf=none (sender IP is ) smtp.mailfrom=Dylan.Reeves AT sit.ac.nz;
Thanks a million Vlad.
Cheers
Dylan
-----Original Message-----
From: Vlad Mencl <vladimir.mencl AT reannz.co.nz>
Sent: Thursday, 27 February 2020 10:10 AM
To: cat-users AT lists.geant.org
Cc: Dylan Reeves <Dylan.Reeves AT sit.ac.nz>; Paul Gunn <paul.gunn AT reannz.co.nz>
Subject: CAT profiles not installing CA cert on Windows 10
Hi,
We (REANNZ) are assisting our members here in New Zealand with using CAT ...
and one of our members (sit.ac.nz) has tried rolling out their CAT profile
onto Windows 10 devices, but the devices were failing to validate the
certificate.
After some troubleshooting (involving Microsoft support), the solution was to
import the Issuing CA certificate into the NTAuth store with:
"certutil -enterprise -addstore NTAuth C:\IssuingCA.cer"
I don't know if this is specific to this single site, or whether it's a new
quirk of Windows 10 that would be affecting everyone.
Would anyone know if they've had to deal with something similar?
Many thanks in advice for any pointers.
Cheers,
Vlad
PS: The CA in question here is:
CN=Sectigo RSA Domain Validation Secure Server CA,O=Sectigo
Limited,L=Salford,ST=Greater Manchester,C=GB
- and the CAT ID of this IdP is 6292 -
https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcat.eduroam.org%2F%3Fidp%3D6292%26profile%3D7007&data=02%7C01%7CDylan.Reeves%40sit.ac.nz%7C30be60e4534040cd7a7008d7bb00407d%7Cc46ab213d1794a719ff7b9d9fe3f3b48%7C0%7C0%7C637183482075848504&sdata=RF4NhjvhvjbgFOpHmw3gyTsGzPRXmqO4rH1vhmJtI9M%3D&reserved=0
--
Vladimir Mencl
Senior Software Engineer
Research & Education
Advanced Network NZ Ltd
https://apc01.safelinks.protection.outlook.com/?url=www.reannz.co.nz&data=02%7C01%7CDylan.Reeves%40sit.ac.nz%7C30be60e4534040cd7a7008d7bb00407d%7Cc46ab213d1794a719ff7b9d9fe3f3b48%7C0%7C0%7C637183482075848504&sdata=Ej%2BrXZ%2FXQJadbA9DqWoqQR4YxvlMi%2BRq5%2FyHoBJ2gLo%3D&reserved=0
- [[cat-users]] CAT profiles not installing CA cert on Windows 10, Vlad Mencl, 02/26/2020
- <Possible follow-up(s)>
- [[cat-users]] CAT profiles not installing CA cert on Windows 10, Vlad Mencl, 02/26/2020
- RE: [[cat-users]] CAT profiles not installing CA cert on Windows 10, Dylan Reeves, 02/27/2020
Archive powered by MHonArc 2.6.19.