What should the certification chain look like on IOS when connected to Wi-Fi 802.1x?

K

Kivadratik2016-07-15 08:37:45

WiFi

Kivadratik, 2016-07-15 08:37:45

My question is this:
The company has a corporate wi-fi from Cisco with a radius server for 802.1x authentication, but none of the SSL certificates we have tried is suitable for IOS. Apple devices display these certificates in their settings as untrusted when connected to Wi-Fi, although if the safari web browser accesses any site with the same wildcard certificate, the safari browser trusts it. Has anyone encountered such a problem? I have seen the list of root CAs for IOS 9.x and know it almost by heart, but unfortunately the certificates signed by the root CAs from the list are not trusted. I currently have a RapidSSL wildcard signed by the root GeoTrust Global CA.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

N

Nikolai Korabelnikov, 2016-07-21
@nmk2002

Most likely 802.1x will not work with a wildcard certificate. As far as I know, there is such a limitation on windows clients. Perhaps the same is true for the iPhone.
Check how authentication works from other devices (for example, a laptop with windows or linux).
Another possibility is that the iphone cannot chain to the root CA. Then the entire chain up to the root certificate must be added to the server.