Skip to Content.
Sympa Menu

geteduroam - RE: [External] RE: geteduroam app issues on iPhone

Subject: An open discussion list for topics related to the geteduroam service

List archive

RE: [External] RE: geteduroam app issues on iPhone


Chronological Thread 
    < Chronological >      < Thread >
  • From: Daniel Sheppard <da.sheppard AT uwinnipeg.ca>
  • To: Hunter Fuller <hf0002 AT uah.edu>
  • Cc: Paul Dekkers <paul.dekkers AT surf.nl>, "geteduroam AT lists.geant.org" <geteduroam AT lists.geant.org>
  • Subject: RE: [External] RE: geteduroam app issues on iPhone
  • Date: Mon, 22 Apr 2024 22:31:16 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uwinnipeg.ca; dmarc=pass action=none header.from=uwinnipeg.ca; dkim=pass header.d=uwinnipeg.ca; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HQTvVfsmRKAjJSoThpj2XWkhDScbDspLBJC2u0spels=; b=RS2F/ko+BkOAJs7NBHoZmx+JGDMQvYn/SoU7sMtYilu+BfIE+tVuKk+Sg7WFqR17FSl9zDECPtW/bin64UACHL4tK+hsnQiv/KrdYqaJD8qI5bM58Zbpg8ZeHbn/HVTNzTIRDfdWEhYTIrpEMn4uRxQ5/weW8PF6eI6hfMK8fkJ4lY08gZ22dj7Wfos462BcPvclLp4Gk6kmUKlc1zvEqG5GPiGm1H1K+ZwZpKGXwaX02x4/+9YSA7sPY7tHS3disKUiA4bSXP3hr7CLricxRiK5oXc5X1vwo6vwRdAWppLm8UDwyAfyA9fCGzqhDEtBOIgi0VzLGOPZPXctyn3sQA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=M8oCcvVI9m8Zu2hkcRuSF4t4F6bkWopR86JOrPGJywCUXTQX5mRno8puJoLM2/lxAmKKU6xc0F6ALdxZJYd2lrTGth8SgmjhOgI/bbZ/gRHBCFdoiS1AAq/PviodMYmVtBNf5YGpgBp9ZS/zVXppjOHG5ltAX00CHxGBspN/kMxSg5bfCwPeLAeIHzO/8uACvifTROAXCIFRsjn+fJNFrkfCwvpU3x6quJeqHB6TBdVXF9cCdqks84EKTxOCztFy++vQhk5UkI0ZFU5T41vQ0hXIzrLoTW2Q+OeGect0i01CtXFvzG31X//yKyGqITFZM3NQymSBdW2MJZ/ts9D2JA==
  • Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=uwinnipeg.ca;

Correct.

 

I did verify the PEM attached does match the one in our CAT configuration.

 

Thanks,

 

Dan

 

From: Hunter Fuller <hf0002 AT uah.edu>
Sent: Monday, April 22, 2024 3:32 PM
To: Daniel Sheppard <da.sheppard AT uwinnipeg.ca>
Cc: Paul Dekkers <paul.dekkers AT surf.nl>; geteduroam AT lists.geant.org
Subject: Re: [External] RE: geteduroam app issues on iPhone

 

You don't often get email from hf0002 AT uah.edu. Learn why this is important

Notice: This is external email. Verify the sender and use caution with any content.

 

Can you reply and attach the certificate (public portion only obviously) that you have uploaded into the CAT admin ui?

 

And your user domain is uwinnipeg.ca right?


--
Hunter Fuller (they)
Lead Router Jockey
VBH M-1C
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Network Engineering

 

 

On Mon, Apr 22, 2024 at 1:19 PM Daniel Sheppard <geteduroam AT lists.geant.org> wrote:

Hey Paul,

 

Thanks for taking a look at this.

 

With out situation, we re-issued the root CA key (eduroam was updated almost right after).

 

We were using the latest (at the time, almost a week or 2 now so perhaps there was a more recent update) and also tested removing the app and re-installing the app.

 

Here is what we did on one phone to try and get it working (it did not work):

 

  1. Forget the eduroam SSID
  2. Download the geteduroam app (using a different SSID)
  3. Find our profile and install (enter username and password, etc)

 

We did vary this on a few devices (not forgetting the SSID, etc), but the process was fairly straightforward, however in all cases we could not get them connected.

 

Thanks,

 

Dan

 

From: Paul Dekkers <paul.dekkers AT surf.nl>
Sent: Monday, April 22, 2024 12:59 PM
To: Daniel Sheppard <da.sheppard AT uwinnipeg.ca>; geteduroam AT lists.geant.org
Subject: Re: geteduroam app issues on iPhone

 

You don't often get email from paul.dekkers AT surf.nl. Learn why this is important

Notice: This is external email. Verify the sender and use caution with any content.

 

Hi,

We tested the migration of CAs and simulaneous use of different CAs, and that worked well on iOS (among others), so it's not an issue I recognize.

I'll see what I can find/reproduce. Can you confirm you're on the latest geteduroam iOS update? (Does it work if you deinstall the App and reinstall?)

Regards,
Paul

 

On 17/04/2024 16:32, Daniel Sheppard (via geteduroam Mailing List) wrote:

Hello,

 

We recently changed the root certificate used to sign our EAP server certificate and we are having an issue with iPhone devices and the geteduroam app.

 

What I know so far

 

  1. Android works no problem, both on a clean device and a previously configured device
  2. iOS works on a clean device
  3. iOS does not work on a previously configured device
  4. The “cat.eduroam.org” profile manually installed on an iOS device works without any problem
  5. Manually connecting works without any problem

 

The profile itself looks good.  The static and live tests pass in the eduroam admin, but on a previously configured iOS device we always get a “Cannot connect to network” message.

 

We use Cisco ISE as our NAC and it reports a TLS error during the negotiating with the client device.

 

Anyone else experience this?

 

Thanks,
---

Dan Sheppard

Attachment: uwds.pem
Description: uwds.pem


Archive powered by MHonArc 2.6.24.

Top of Page