EHLO list! Currently running into an "issue" and want to gather some insight to understand if it is actually a real "issue" or the normal workflow. Here's the situation:
By running PacketFence/FreeRADIUS on a secure SSID using PEAP with valid SSL certificate signed by RapidSSL, we encounter the strange behavior that each client (Microsoft Windows, Apple OSX, Apple IOS) actually prompt the end user to accept/validate the certificate stating that this certificate is signed by a known authority but actually can't be "verified". We tried to send the whole chain right into the certificate, send the chain with the CA_file FreeRADIUS parameter, nothings actually "solve the issue". On another hand, when reaching the captive-portal (which is using the exact same certificate with chain file), the browsers are not complaining and seems like a valid SSL certificate. I'm wondering if it is now a "normal workflow" when connecting to a PEAP secured SSID to ask the end user to accept/validate the chained certificate? Any insight, tricks, ideas are more than welcome. Thanks! Derek -- [email protected] :: +1.514.447.4918 (x110) :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
