Check
this post, basically the same question. In short: Yes, some people are using public EAP certificates, and it works.
No clients will not automatically trust public certificates, and public certificate authorities for RADIUS EAP certificates are deprecated. IF you absolutely want to have a public certificate, make sure that you have the guarantee that your CA will issue certificates from the same root for the expected running time of your WLAN solution. It's a pain to change to another root CA, and it will require you to touch all of your clients currently only trusting the old root.
------------------------------
Herman Robers
------------------------
If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check
https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.
In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
------------------------------
Original Message:
Sent: Jun 08, 2021 04:27 PM
From: Gary Naeger
Subject: Radius Certificate
Has anyone every got a public cert to work so the client does not have to manually trust the cert?
------------------------------
Gary Naeger
------------------------------