cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

IOS 11 -> WPA2 Wifi radius.meraki.com godaddy certificate not trusted

Highlighted
Here to help

IOS 11 -> WPA2 Wifi radius.meraki.com godaddy certificate not trusted

IOS 11 users are unable to connect to Wifi WPA2. Users receive error about radius.meraki.com certificate issued by GoDaddy is not trusted. If you trust the certificate, it ignore, and will not connect and prompt again when re-connecting.

 

Is it possible that Meraki is not sending the intermediate certificates?

6 REPLIES 6
Highlighted
New here

Re: IOS 11 -> WPA2 Wifi radius.meraki.com godaddy certificate not trusted

We just opened a support case about this. Apple devices with iOS 11 and High Sierra no longer support security certificates signed with SHA-1 algorithms.

It seems the certificate for Meraki's Radius Server (radius.meraki.com) is signed with a GoDaddy SHA-1 with RSA Encryption ( 1.2.840.113549.1.1.5 ). This is causing all iOS 11 and High Sierra devices that use Wifi to fail connecting to Meraki APs.

Apple Article
https://support.apple.com/en-us/HT207459

Highlighted
Here to help

Re: IOS 11 -> WPA2 Wifi radius.meraki.com godaddy certificate not trusted

Interesting information. I haven't made any process with Meraki support. The latest they want me to contact Apple.  

 

Have you made any progress?   

 

It seem as they need to re-issue the certificate for radius.meraki.com with SHA-256.

 

After reading you message, I found this article that I found helpful about SHA1 depreciation. 

https://blog.qualys.com/ssllabs/2014/09/09/sha1-deprecation-what-you-need-to-know

 

 

 

Highlighted
Kind of a big deal

Re: IOS 11 -> WPA2 Wifi radius.meraki.com godaddy certificate not trusted

@IngramLeedy The GoDaddy cert they're using expires in about a month, so I expect this will be resolved then when it's renewed. 

MRCUR | CMNO #12
Highlighted
New here

Re: IOS 11 -> WPA2 Wifi radius.meraki.com godaddy certificate not trusted

Based on the feedback from Meraki Support, the certificate is renewed. I'm not able to test it. Can anyone confirm it?

Does the iPhone connect automatically again or is some user interaction required? If yes, what?

Highlighted
Here to help

Re: IOS 11 -> WPA2 Wifi radius.meraki.com godaddy certificate not trusted

This issue seemed to resolve. We tested about a week ago and it continues to connect successful today.

Highlighted
New here

Re: IOS 11 -> WPA2 Wifi radius.meraki.com godaddy certificate not trusted

seems to be intermittent. on the apple side.

any plans on updating the certificate to something more secure that they still support?

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.