Security

Reply
Occasional Contributor II
Posts: 18
Registered: ‎05-24-2012

Apple Notebooks refuse to accept the CA cert after renewing the Radius certificate.

Hello,

 

I have a strange problem that I can't seem to solve. A little over a year ago I have setup our environment with a Aruba 3200XM controller and several 105 and 135 accesspoints. Everything worked very nice and Radius authentication against the OpenLDAP environment worked very good as well.

 

Now I had to renew the certificate for the Radius server because I had set the certificate to expire after a year. This wasn't a problem because I could just resign the CSR that was on my certificate signing server and I replaced the cert. This was fine for everyone and I haven't heard any problems from Windows or Linux users.

 

The Apple users are having some issues though that they didn't have before. Every time they try to authenticate they have to accept the certificates they are offered and the client denies to accept the CA as a vallid signing CA. This is not with all apple users though. iPad's and some iPhones just work fine.

 

Has anyone seen this problem before, and has anyone seen a sollution for this?

 

Jan Hugo Prins

 

Frequent Contributor I
Posts: 126
Registered: ‎07-06-2010

Re: Apple Notebooks refuse to accept the CA cert after renewing the Radius certificate.

Have you tried deleting the wireless profile on the mac?  We have seen this on a couple of macs as well (we have been testing BYOD scenarios with our 802.1x and noticed when moving from test to production (we decided to go with a digicert cert instead of self signed), that some macs would just not authenticate until we removed the old profile.

Occasional Contributor II
Posts: 18
Registered: ‎05-24-2012

Re: Apple Notebooks refuse to accept the CA cert after renewing the Radius certificate.

I just tested this sollution this morning and sadly it doesn't work at all.

 

As a sidenote: iPad's and iPhone's don't have this issue.

 

Jan Hugo Prins

 

 

Search Airheads
Showing results for 
Search instead for 
Did you mean: