[RADIATOR] Radiator, WPA2, certificates and untrusted

Jesper Skou Jensen jesper.skou.jensen at stil.dk
Tue Sep 1 08:48:49 CDT 2015


Hello people,

I'm in the process of renewing a certificate for our Radiator setup and I've run into a bit of problem.

The problem is that I can't get clients to trust the WPA2 certificate when connecting to the network. Eg. Windows 7, an iPhone and probably other clients  too.

On the iOS I keep getting the message "Not Trusted" when logging on to the network the first time and on both Windows and iOS I have to accept the certificate before getting logged on.

I'm wondering if that's the way it's supposed to work or if I've done something wrong with my Radiator config?


It's a Enterprise WPA2 setup.

Running Radiator version 4.15 on Linux.

The certificate is signed by COMODO and should be trusted by various browsers, phones, etc.

The certificate specific part of the radiator configuration is like this:

EAPTLS_CAPath %D/certificates/ca-certs
EAPTLS_CertificateChainFile %D/certificates/server-chain
EAPTLS_CertificateType PEM
EAPTLS_PrivateKeyFile %D/certificates/server-key

ca-certs only one file "AddTrustAB.pem" that has the CA Root certificate.
server-key is my private key.
server-chain first has my public key followed by two intermediate certs.


Does that sound about right, or have you got any recommendations?


Regards
Jesper Skou Jensen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20150901/8f4872c8/attachment.html 


More information about the radiator mailing list