Hi all,
After setting up 802.1X on a new SSID (PacketFence 14.1, Let’s Encrypt cert), my iPhone sees the RADIUS cert but flags it as Not Trusted. I double-checked I’m using the right cert. It looks like FreeRADIUS isn’t sending the full chain during EAP (leaf + intermediate), so iOS can’t validate it. Questions: 1. Is there a GUI path in PF to make RADIUS serve the full chain? (Exact menu/fields would help.) 2. If this has to be done manually, which files should I point RADIUS to (fullchain vs cert, CA bundle, etc.), and which service(s) should I reload after changes? 3. For renewals with Let’s Encrypt, what’s the recommended way to keep RADIUS picking up the new full chain automatically? (e.g., a post-renew hook, symlink, and the right reload command?) Thanks in advance for any pointers or examples. Best, Abdlmalik
_______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
