
cat-users - [[cat-users]] issues with EAP-TLS profile on Android

cat-users AT lists.geant.org

Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

  • From: James Potter <Jim.Potter AT jisc.ac.uk>
  • To: "cat-users AT lists.geant.org" <cat-users AT lists.geant.org>
  • Subject: [[cat-users]] issues with EAP-TLS profile on Android
  • Date: Fri, 5 Apr 2024 13:42:29 +0000

Hi all,

I’m trying to get CAT working with EAP-TLS + client certs. I’ve got a pretty straightforward way of getting client certs installed into the cert store on BYOD devices, I’m just struggling to get the SSID profile to apply nicely.

My home service will take the SAN UPN of the certificate as the username, so ideally the user will be asked to install the CA, pick a client certificate from a list and that’s it – no need to enter a username.

I’ve got this working (connecting to eduroam with all the correct settings) if I set it up manually on Windows and Android; GetEduroam on Windows is mostly right but Android just crashes when I select the CAT profile.

Here are sample profiles:

(And various others under UK Federation tenancy)

Configs of the above are:

  • Realm = ti.dev.ja.net
  • CA file + SubjectCN both set correctly
  • EAP-TLS only
  • Enforce realm suffix + exact realm suffix both ticked

Profile ‘..with specific outer’ has an additional enable anonymous outer identity ticked, value = tls

Testing (GetEduroam):

  • With specific outer:
      • Windows: Works (outer identity is from SAN UPN rather than prespecified outer I think?)
      • Android: Crashes when I select profile
  • Without specific outer:
      • Windows: works very nicely (gets username from SAN UPN?)
      • Android: Crashes when I select profile

(I haven’t got a Mac or iOS to test here)

So – any top tips why Android is crashing (app just closes)? I’ve tried a bunch of variations in settings but get the same crash every time.

Any pointers here would be great

Thanks,

Jim

Jisc



