Skip to Content.
Sympa Menu

cat-users - Re: [[cat-users]] "Internal error" while connecting via "geteduroam" on Android 11

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive

Re: [[cat-users]] "Internal error" while connecting via "geteduroam" on Android 11


Chronological Thread 
  • From: Paul Dekkers <paul.dekkers AT surf.nl>
  • To: Martin Pauly <pauly AT hrz.uni-marburg.de>
  • Cc: cat-users AT lists.geant.org
  • Subject: Re: [[cat-users]] "Internal error" while connecting via "geteduroam" on Android 11
  • Date: Fri, 1 Oct 2021 15:31:49 +0200
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=surf.nl; dmarc=pass action=none header.from=surf.nl; dkim=pass header.d=surf.nl; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ZlOHNflpAdrbN0mMZQfk2+tRLrQlQSGnjldvRXH+QHc=; b=nNLkBP5sywrRi3UmkjD3SvcAqDDOWCc0297e3wV8qf37tAKyNGlzQBc47Yj/5tbs/i/WX014SrDJvno592Se20u/OhPK0cxm03tbCBwbwebRp2SRfTVypq3WNTjVF/N1juNrpRHa2/S4A0swn9UyMDnv7e/pvmf4Zi1znYexZpZmBAtgB0PYkh0LyKPekJXSAeHvfU4KE5KKEHRv8XX7vYlMacfdlHpmkpaDPV3E6sYdWjNy5RMDPkJVG5+zpZZQ0UO0OTnx7cBLdN6LJHvQQK1RrpQAud1DICwZX9kaRBOCpoh3FWR6JvwbJA0QNmxJhxdTx6gLmSbVxqnHwhIaIg==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=iHxK3pkaw1TehNg4RErGwV7USSz4OJLrnX58c6M6A44LWCULsngZkcrR3SQKozOVa2XdR0dwR5ZzKhhMZqDP/BE7Ns9cD2oTGKEhIX/M7JWrcyO4X2x25ubTYzE8eJ9oDmV9FxCMrEp+ePds8GGaEwRnLicP6E764WQBdgPLn6oSYLfV45Bk3NeeY2+iSD+Vpu2c0AjhhHScaJBWOaOLYY1kItYe4oAXf37Fx2yUzYlyfOIcp1uphu/yrGhVhyGibC50ZKKDKBgHPDja/XhnkxWVUZybvxNKsU7esmiatfvoG1Lv3tzgu5IY5OyHQnpIwIPlMYdMGCHLoKoADoBRXw==
  • Authentication-results: hrz.uni-marburg.de; dkim=none (message not signed) header.d=none;hrz.uni-marburg.de; dmarc=none action=none header.from=surf.nl;

Hi,

Op 01-10-2021 om 15:20 schreef Martin Pauly:
> Am 01.10.21 um 15:16 schrieb Paul Dekkers:
>> You seem to be using a private CA (in fact, there is no CA the entire
>> certificate is self signed). One issue is likely that you have no
>> subjectAltName DNS: entry with your hostname, and the geteduroam
>> installer expects that.
>
> this has been fixed (or rather, completed) in the beta version, right?
> Could we have it in the production version on play.google.com?

It will only fix it for Android 11 and up, so it won't solve it for 10
and lower.

So: we have a beta that works with "Suggestions", we also have a version
that uses "Actions" and creates a user network. This API was buggy in
the initial releases of Android 11 (crash buggy) but is better now,
apart from a UI bug that we need to iron out.

For at least that version with Suggestions we had very little feedback,
but we believe it works well; so maybe the little feedback is also good
news. But Suggestions work very odd on Samsungs. (You need to switch
WiFi off and on for it to connect; it's a modification from Samsung from
the stock Android.) The version with Actions works better, but has a UI
bug and is even more untested. So I guess we should maybe make this a
new beta, and fix the remaining UI bug. The summer vacation interfered
there ;-)

Regards,
Paul

P.S. I actually also think that using server certificates with proper
attributes isn't bad per se ;-)
And in the case of the report, not abuse a CA certificate for a server,
properly consider MitM risks.

There is one more caveat, currently there is a bug in iOS 15 that
affects the installation of a private CA. We hope that Apple fixes this
bug though.




Archive powered by MHonArc 2.6.19.

Top of Page