Skip to Content.

cat-users - Re: [[cat-users]] Fwd: Windows 10 & CAT - TLS Session reuse error

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

List archive


Re: [[cat-users]] Fwd: Windows 10 & CAT - TLS Session reuse error


Chronological Thread 
    < Chronological >      < Thread >
  • From: Stefan Paetow <Stefan.Paetow AT jisc.ac.uk>
  • To: "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>, darren.wheatcroft <darren.wheatcroft AT NOTTINGHAM.AC.UK>
  • Subject: Re: [[cat-users]] Fwd: Windows 10 & CAT - TLS Session reuse error
  • Date: Wed, 22 Dec 2021 15:40:17 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=jisc.ac.uk; dmarc=pass action=none header.from=jisc.ac.uk; dkim=pass header.d=jisc.ac.uk; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hn4hsxciwUU2L/oLpWgDatcVlLvijm/C7ZO8pVsU2YY=; b=GGG60+uthD+u5qi88c6DBziLkXvds4kyXOoL/cljwKvQOT73wIY39QWNyyr/7QDg2x+3Zd31yYmCY6xA7XGaofF+cirtDa0zdVxr12332zfIUfEKq7haQPY6JKVyVzKa0oQ855yKGXA6+Wzx9UDIqY/yRlJwc8ws/jO8v8lkbqA6wdutBtGepeh6cgMRmRtjMuxYwnVUNgBoi7bJt5yFG9vRWPwT9GizmEwz6uEcNtqVS6ikGkGJf+o8F2JlpNIumQjcm7y0dsAXWF36ckl2Y8htFXkLQvaGn3CqqtMyNSInAs4XqctvDug3TnCooxsEjK3Wh3tlPQQMktZ/KuFTYA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Oqc+KHoVr1VDl1eCBbp4r98pyTyDujSZCWyl2/NzRt7j+TXC0S9NuHYMZDB70ri/7L3OJN2Lt+yOl24ew+dNP/vINLgm3CQya3uAcYyc67iDNbIsimPIJeYRojzQNjW+KZK4X6Ks6Fv+zWqDTpJXGGvOImdvNOBSOMWnc09nnUmg+cp45G0bO2Bt8AcG7/8wRWoFVTfoqgX+9qeP4Mly/wa/Cxp+OcD6rLmD7+VEcWYzux648rQZOpGO3PvgG+CgmDAguNaW8QKXyRdT7XaFDai8NPDo4objhRb3cy1gjvBlxhQL64NPZzuVpB1HbBa+eePgqDQNvnOwQHh9dQfYHw==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=jisc.ac.uk;

Yes, I suspect that is exactly it.

 

Uploading the Comodo AAA certificate should probably resolve the problem if the GEANT cert is shipped along with the server certificate.

 

Regards

 

Stefan Paetow
Federated Roaming Technical Specialist


t: +44 (0)1235 822 125
e-mail/teams: stefan.paetow AT jisc.ac.uk
gpg: 0x3FCE5142

Until 24/12/2021, I am only in the office Tuesdays to Thursdays.

In line with government advice, at Jisc we’re now working from home and our offices are currently closed. Read our statement on coronavirus.


jisc.ac.uk

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

 

 

From: <cat-users-request AT lists.geant.org> on behalf of Stefan Winter <stefan.winter AT restena.lu>
Reply to: Stefan Winter <stefan.winter AT restena.lu>
Date: Tuesday, 21 December 2021 at 12:53
To: "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>, "darren.wheatcroft" <darren.wheatcroft AT NOTTINGHAM.AC.UK>
Subject: Re: [[cat-users]] Fwd: Windows 10 & CAT - TLS Session reuse error

 

Hello,

 

could you let us know the old and new roots? If the new root is by any chance AAA Services, I think I have a rough idea...

 

Stefan Winter

 

 

Am 21.12.21 um 13:51 schrieb Stefan Winter:

Hi,

 

forwarding on behalf of Darren Wheatcroft, as the mail was sent to the -request address.

 

Stefan Winter



-------- Weitergeleitete Nachricht --------

Betreff:

Windows 10 & CAT - TLS Session reuse error

Datum:

Mon, 20 Dec 2021 11:57:58 +0000

Von:

Darren Wheatcroft <Darren.Wheatcroft AT nottingham.ac.uk>

An:

cat-users-request AT lists.geant.org <cat-users-request AT lists.geant.org>

 

Hi,

 

We have recently updated our certificates and the CAT tool has been updated accordingly with the cert chain.

 

Since doing this, no Windows 10 device will connect to eduroam - we get 'Unable to connect to this network' on the client, and 'TLS Session Reuse' on the Clearpass server.

 

MacOS, iOS and Android all connect OK. It isn't our build of Windows 10 as it happens on personal machines as well.

 

Essentially the only thing that changed in the CAT tool this year was the certificate chain.

 

Manually forgetting, then connecting will work every time.

 

Does anyone know of any client side logs we could dig into to see what is going on? This years cert update has been a bit challenging!

 

Kind regards

 

Darren

 

--

Darren Wheatcroft

 

Digital and Technology Services

University of Nottingham

 

 

This message and any attachment are intended solely for the addressee
and may contain confidential information. If you have received this
message in error, please contact the sender and delete the email and
attachment. 
 
Any views or opinions expressed by the author of this email do not
necessarily reflect the views of the University of Nottingham. Email
communications with the University of Nottingham may be monitored 
where permitted by law.
 
 
 

To unsubscribe, send this message: mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
Or use the following link: https://lists.geant.org/sympa/sigrequest/cat-users


Archive powered by MHonArc 2.6.19.

Top of Page