1 Reply
      Latest reply: Feb 1, 2017 4:17 AM by eskimo RSS
      nikonson Level 1 Level 1 (0 points)

        Hi,

        We have problem connecting to wireless network using PEAP authentication on Cisco ISE 2.1

        We installed on ISE certificate signed by thawte root G3

        Based on trusted certificate list (https://support.apple.com/en-us/HT207177) this root should be trusted by iOS 10.2, but it doesn't.

        When I open ISE admin page in Safari/Chrome browsers using SSL with our signed certificate - it trusted.

        But when I try to use certificate chain for EAP - it unverified. What root certificate should I use for EAP authentication?

        Do you plan to fix problem with thawte root certificates?

         

        Regards, Andrey

        • Re: iOS 10.2 does not have thawte root G3 in trusted store
          eskimo Apple Staff Apple Staff (7,530 points)

          AFAICT that root certificate is present in the 10.2 trust store.  I suspect your actual problem here is a missing intermediate, but I’m not sufficiently well versed in PEAP to help you debug that.  You might have better luck over in Apple Support Communities, run by AppleCare, and specifically the in Business and Education topic areas, where you’re more likely to find folks with PEAP experience.

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"