Security

 View Only
  • 1.  Radius Certificate Trust Issue on iPhone Devices

    Posted Oct 21, 2024 09:20 AM

    Hi everyone,

    I'm currently dealing with a RADIUS certificate issued by the CA authority Sectigo, which is trusted only on iPhone devices. However, I'm not experiencing this issue on Android or Windows.

    The client is connecting to Wi-Fi using a username and password with the SSID, and they are successfully connecting. Has anyone encountered a similar issue with iPhone devices, and if so, what was the solution? This issue seems to occur exclusively on iPhones.



    ------------------------------
    yaser
    ------------------------------


  • 2.  RE: Radius Certificate Trust Issue on iPhone Devices

    Posted Oct 21, 2024 10:14 AM

    I'd think that is expected, as unless you pre-configure your client to trust the certificate, there is no way it can know if the certificate is trusted for your SSID.

    Check here for a more detailed write up.



    ------------------------------
    Herman Robers
    ------------------------
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.
    ------------------------------



  • 3.  RE: Radius Certificate Trust Issue on iPhone Devices

    Posted Oct 21, 2024 01:58 PM

    @Herman Robers is correct.  You need an MDM for this use-case.  You also should NOT be using PEAP/MS-CHAPv2.  It uses MD5 and is broken from an encryption prospective.  Migrate to EAP-TLS instead.