Security

Reply
Highlighted
Occasional Contributor I

Onboarding iOS devices: Error in establishing TLS session, error 215

Hi,

my customer is having problems with iOS device onboarding. The provisioning process works fine but the EAP-TLS authentication after that does not. Clearpass is the root CA. Windows machines works fine. Clearpass version is 6.6.10.35654.

 

What could cause the problem? Please let me know if you need more information. Thanks!

identity.pngrequest-details.pngmethod-details.pngocsp-url.png

Highlighted
Frequent Contributor II

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

Can you show the information about your Radius server certificate? Is it self-signed or signed by a CA?

Highlighted
Occasional Contributor I

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

Hi,

it's self-signed. I don't have access to the CP at the moment but everything is default (2048 bit encryption etc).

Highlighted
Frequent Contributor II

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

I think the self-signed cert is the problem here. You should get your Radius cert signed by the onboard CA and try again.

Highlighted
Occasional Contributor II

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

unless you have redirect, your OCSP path in this last screenshot is a http:  not "s"  

 

maybe this is the issue?

Highlighted
Moderator

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

I would work with your Aruba partner. There are major configuration issues here.

 

RE: OCSP, the check is done over HTTP, not TLS.



If this response is more than 1 year old, it may no longer be accurate. Please consult official Aruba documentation, TAC or your Aruba SE.

| Aruba Alumni | @timcappalli | timcappalli.me |

Highlighted
Occasional Contributor I

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

The problem is I am the Aruba partner. Of course contacting tac is always an option. Major configuration issues where? Earlier this has been working like a charm and I really don't know what broke it.

Highlighted
New Contributor

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

Did you find a solution to this? I am just deploying a network and can't get chrome devices to join with the same error. I am inclined to believe it was a change in chrome os. How to satisfy it though?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: