Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

Upon closer inspection, I believe that my fears were overblown. It seems that what ACTUALLY changed in the certificate was the friendly name, and the root CA is still the same. I only discovered this when I imported the 'new' root CA into our eduroam CAT config and saw that all of the properties

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

Going back to the original issue: On 2021-08-09 07:32:19-0400, Jonathan Miller wrote: > [...] > The certificate are issued through InCommon, and when I renewed our > expiring certificate, I noticed that it is showing that is has a root > of Sectigo, where it was previously Comodo. The certificate

RE: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

RV.EDUCAUSE.EDU> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root You don't often get email from jmill...@fandm.edu<mailto:jmill...@fandm.edu>. Learn why this is important<http://aka.ms/LearnAboutSenderIdentification> Thank

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

ppened tomorrow, it could be a decade or more > before there was broad support, and more importantly, we could think about > enforcement. > > > > Jeff > > > > > > *From:* The EDUCAUSE Wireless Issues Community Group Listserv < > WIRELESS-LAN@L

Re: [External] Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

SE Wireless Issues Community Group Listserv < >> WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> *On Behalf Of *Tim Cappalli >> *Sent:* Monday, August 09, 2021 8:05 AM >> *To:* WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU >> *Subject:* Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with N

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

on behalf of Jonathan Miller Date: Tuesday, August 10, 2021 at 10:59 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root You don't often get email from jmill...@fandm.edu. Learn why this is important<http://aka

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

<mailto:wne...@wm.edu> / 757-221-7790 From: The EDUCAUSE Wireless Issues Community Group Listserv on behalf of Jonathan Miller Date: Tuesday, August 10, 2021 at 10:59 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root Thank y

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

gt; -- > > *From:* The EDUCAUSE Wireless Issues Community Group Listserv < > WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> on behalf of Jeffrey D. Sessler < > j...@scrippscollege.edu> > *Sent:* Monday, August 9, 2021 10:53 > *To:* WIRELESS-LAN@LISTSERV.EDUCA

RE: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

enforcement. Jeff From: The EDUCAUSE Wireless Issues Community Group Listserv On Behalf Of Tim Cappalli Sent: Monday, August 09, 2021 8:05 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root CA policies really have nothing to do

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root Per the RFC, the certificate-using application _MAY_ require the EAP extended key usage extension to be present. It is not a must or shall, so I’m not exactly sure the problem here. Vendors have chosen against

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

Community Group Listserv on behalf of Doug Wussler <029e57f9967b-dmarc-requ...@listserv.educause.edu> Date: Monday, August 9, 2021 at 7:33 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root Well, here is Microsoft'

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

SE Wireless Issues Community Group Listserv on behalf of Doug Wussler <029e57f9967b-dmarc-requ...@listserv.educause.edu> Sent: Monday, August 9, 2021 10:30 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root You do

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

on behalf of Doug Wussler <029e57f9967b-dmarc-requ...@listserv.educause.edu> Sent: Monday, August 9, 2021 10:30 To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root You don't often get email from 029e57f9967b-dmar

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

<0194c9ecac40-dmarc-requ...@listserv.educause.edu> Sent: Monday, August 9, 2021 8:42 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root A public CA issues certificates for web server authentication (amongst others like code signing and

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

2021 8:36:08 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root You don't often get email from wne...@wm.edu. Learn why this is important<http://aka.ms/LearnAboutSenderIdentification> >> Technically, you're not ev

RE: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

On Behalf Of Jeffrey D. Sessler Sent: Monday, August 9, 2021 10:25 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [EXTERNAL] Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root I'm curious about this and would like to know more. Many operating systems require the Server Auth

RE: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

00194c9ecac40-dmarc-requ...@listserv.educause.edu>> Date: Monday, August 9, 2021 at 8:31 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU<mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU>> Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal wit

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

Issues Community Group Listserv on behalf of Tim Cappalli <0194c9ecac40-dmarc-requ...@listserv.educause.edu> Date: Monday, August 9, 2021 at 5:42 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root A public CA issues certif

RE: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

to:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU> Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root EXTERNAL EMAIL “The validity period is very long.” Now you did it, Thomas. You realize you’re about to get scolded…. ☺ Lee Badman | Network Architect (CWNE#200) Information T

RE: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

I didn’t say how long  399 days is long in today’s terms From: The EDUCAUSE Wireless Issues Community Group Listserv On Behalf Of Lee H Badman Sent: Monday, August 9, 2021 8:53 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

RE: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

SS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root We use an internal CA signed server certificate without issue for EAP-TLS. We are currently using Clearpass onboard & moving to SecureW2. We previously used Incommon for server CA and are mu

RE: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root EXTERNAL EMAIL On Aug 9, 2021, at 07:56, Tim Cappalli <0194c9ecac40-dmarc-requ...@listserv.educause.edu<mailto:0194c9ecac40-dmarc-requ...@listserv.educause.edu>> wrote:

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

On Aug 9, 2021, at 07:56, Tim Cappalli <0194c9ecac40-dmarc-requ...@listserv.educause.edu> wrote: Lets not go down this rabbit hole again. I thought there was a picture of a rabbit and a hole in the dictionary next to “mailing

RE: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

Of Tim Cappalli Sent: Monday, August 9, 2021 8:57 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [EXTERNAL] Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root Lets not go down this rabbit hole again. I was directly answering the question. If you choose to use certificates

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

From: The EDUCAUSE Wireless Issues Community Group Listserv on behalf of James Andrewartha Sent: Monday, August 9, 2021 8:52:03 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root Which is great and I agree

RE: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

equ...@listserv.educause.edu> Date: 9/8/21 20:42 (GMT+08:00) To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root A public CA issues certificates for web server authentication (amongst others like code signing and S/MIME). An EAP

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root You don't often get email from wne...@wm.edu. Learn why this is important<http://aka.ms/LearnAboutSenderIdentification> >> Technically, you're not even supposed to use the certificates

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

ple policies. Tim From: The EDUCAUSE Wireless Issues Community Group Listserv on behalf of Elton, Norman N Sent: Monday, August 9, 2021 8:18:37 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root You don't often

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

Issues Community Group Listserv on behalf of Elton, Norman N Sent: Monday, August 9, 2021 8:18:37 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root You don't often get email from wne...@wm.edu. Learn why this is important<h

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

Date: Monday, August 9, 2021 at 8:03 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root You should never use different EAP server certificates across a RADIUS cluster. Use the same cert across all nodes (in this case take th

Re: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root

Community Group Listserv on behalf of Jonathan Miller Sent: Monday, August 9, 2021 7:32:19 AM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: [WIRELESS-LAN] eduroam CAT Config/Cert Renewal with New Root You don't often get email from jmill...@fandm.edu. Learn why this is important<h