WiFi: Eduroam Certificate Warning

Overview

eduroam (education roaming) is the secure, worldwide roaming access service developed for the international research and education community. 

Information

When connecting to eduroam for the first time, it is normal to see the following message:

"The server radius.ns.utk.edu presented a valid certificate issued by [USERTrust RSA Certification Authority] or [AAA Certificate Services], but [USERTrust RSA Certification Authority] or [AAA Certificate Services] is not configured as a valid trust anchor for this profile"

 

This warning is due to the wireless client not being configured to expect a TLS certificate with the name of 'radius.ns.utk.edu', which was issued by [USERTrust RSA Certification Authority] or [AAA Certificate Services].  When you connect to an HTTPS website, the user enters the URL (e.g.https://www.utk.edu).  The browser can validate that the entered URL matches the certificate and that the issuer of the certificate is trusted.  On a new wireless connection using the WPA2-Enterprise security protocol, the client doesn't know what the name of the certificate should be, so it must ask the user to verify that it is correct. 

For eduroam, our certificate uses the name 'radius.ns.utk.edu'.  The root CA for the certificate is [USERTrust RSA Certification Authority] or [AAA Certificate Services].

Print Article

Details

Article ID: 113606
Created
Tue 8/11/20 6:33 PM
Modified
Fri 6/30/23 2:28 PM
Environment
Wireless Network

Related Articles (2)

Eduroam is the University's secure wireless network. It is a world-wide roaming access service developed for the international research and education community.