Security

Reply
Occasional Contributor I

Onboarding iOS devices: Error in establishing TLS session, error 215

Hi,

my customer is having problems with iOS device onboarding. The provisioning process works fine but the EAP-TLS authentication after that does not. Clearpass is the root CA. Windows machines works fine. Clearpass version is 6.6.10.35654.

 

What could cause the problem? Please let me know if you need more information. Thanks!

identity.pngrequest-details.pngmethod-details.pngocsp-url.png

Frequent Contributor II

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

Can you show the information about your Radius server certificate? Is it self-signed or signed by a CA?

Occasional Contributor I

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

Hi,

it's self-signed. I don't have access to the CP at the moment but everything is default (2048 bit encryption etc).

Frequent Contributor II

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

I think the self-signed cert is the problem here. You should get your Radius cert signed by the onboard CA and try again.

Occasional Contributor II

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

unless you have redirect, your OCSP path in this last screenshot is a http:  not "s"  

 

maybe this is the issue?

Guru Elite

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

I would work with your Aruba partner. There are major configuration issues here.

 

RE: OCSP, the check is done over HTTP, not TLS.


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor I

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

The problem is I am the Aruba partner. Of course contacting tac is always an option. Major configuration issues where? Earlier this has been working like a charm and I really don't know what broke it.

New Contributor

Re: Onboarding iOS devices: Error in establishing TLS session, error 215

Did you find a solution to this? I am just deploying a network and can't get chrome devices to join with the same error. I am inclined to believe it was a change in chrome os. How to satisfy it though?

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: