my customer is having problems with iOS device onboarding. The provisioning process works fine but the EAP-TLS authentication after that does not. Clearpass is the root CA. Windows machines works fine. Clearpass version is 220.127.116.11654.
What could cause the problem? Please let me know if you need more information. Thanks!
Can you show the information about your Radius server certificate? Is it self-signed or signed by a CA?
it's self-signed. I don't have access to the CP at the moment but everything is default (2048 bit encryption etc).
I think the self-signed cert is the problem here. You should get your Radius cert signed by the onboard CA and try again.
unless you have redirect, your OCSP path in this last screenshot is a http: not "s"
maybe this is the issue?
I would work with your Aruba partner. There are major configuration issues here.
RE: OCSP, the check is done over HTTP, not TLS.
The problem is I am the Aruba partner. Of course contacting tac is always an option. Major configuration issues where? Earlier this has been working like a charm and I really don't know what broke it.
Did you find a solution to this? I am just deploying a network and can't get chrome devices to join with the same error. I am inclined to believe it was a change in chrome os. How to satisfy it though?
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.