cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
481
Views
0
Helpful
2
Replies

BYOD authentication vs changing EAP certificate

peter.matuska1
Level 1
Level 1

Hi, I have following question regarding BYOD.

I have self-signed certificate created for EAP. Then letsencrypt for Admin and Portal. I did BYOD onboarding for MAC and iPhone successfully. Everything works.

Then I added EAP under the letsencrypt and tried to reconnect. MAC connected successfully (I had to accept the certificate) but iPhone was rejected.Snímka obrazovky 2019-05-22 o 23.45.20.png

 

So I delete the iPhone completely and did the onboarding again and everything works fine. So my question is what is different between MAC and iPhone since MAC was able to connect and iPhone was not. Was it because the fact that iPhone has the iSE certificate in the profile?

1 Accepted Solution

Accepted Solutions

Timothy Abbott
Cisco Employee
Cisco Employee

Without debug logs, it is hard to say but based on the screenshot, the iPhone didn't like the certificate that was presented by the PSN.  I can tell you that iPhone supplicant can be tempermental in that even though it has a root installed an the certificate being presented from the PSN has been signed by it, iPhone will still make the end user accept the certificate.

 

Regards,

-Tim

View solution in original post

2 Replies 2

Timothy Abbott
Cisco Employee
Cisco Employee

Without debug logs, it is hard to say but based on the screenshot, the iPhone didn't like the certificate that was presented by the PSN.  I can tell you that iPhone supplicant can be tempermental in that even though it has a root installed an the certificate being presented from the PSN has been signed by it, iPhone will still make the end user accept the certificate.

 

Regards,

-Tim

hi,

ok, so lets call it iphone specific behaviour.