802.1X eap-tls radius server certificate

Hi all,

i see this question was asked several times but the final answer is still not clear to me. My environment is the following:


  • 802.1X with eap-tls authentication SSID;
  • trying to connect iOS devices only;
  • no chance, by now, to use any MDM.


i manually provide and install user certificate to the device and configure it as identity for the SSID, this is a certificate chain that embeds the same root CA cert that signed our radius server certificate but when i connect to the SSID the first time, the device asks me to "authorize" it (if i do, i can correctly connect ti the SSID).

Is there a way to "pre-authorize" this certificate ? Also, our radius server certificate expires every two years, what happens to users when this will be changed? they will be again asked to authorize it? what if i keep same subject for new certificate?

Thanks in advance

Posted on Oct 12, 2023 1:51 AM

Reply
2 replies

802.1X eap-tls radius server certificate

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.