IOS 11 users are unable to connect to Wifi WPA2. Users receive error about radius.meraki.com certificate issued by GoDaddy is not trusted. If you trust the certificate, it ignore, and will not connect and prompt again when re-connecting.
Is it possible that Meraki is not sending the intermediate certificates?
We just opened a support case about this. Apple devices with iOS 11 and High Sierra no longer support security certificates signed with SHA-1 algorithms.
It seems the certificate for Meraki's Radius Server (radius.meraki.com) is signed with a GoDaddy SHA-1 with RSA Encryption ( 1.2.840.113549.1.1.5 ). This is causing all iOS 11 and High Sierra devices that use Wifi to fail connecting to Meraki APs.
Apple Article
https://support.apple.com/en-us/HT207459
Interesting information. I haven't made any process with Meraki support. The latest they want me to contact Apple.
Have you made any progress?
It seem as they need to re-issue the certificate for radius.meraki.com with SHA-256.
After reading you message, I found this article that I found helpful about SHA1 depreciation.
https://blog.qualys.com/ssllabs/2014/09/09/sha1-deprecation-what-you-need-to-know
@IngramLeedy The GoDaddy cert they're using expires in about a month, so I expect this will be resolved then when it's renewed.
Based on the feedback from Meraki Support, the certificate is renewed. I'm not able to test it. Can anyone confirm it?
Does the iPhone connect automatically again or is some user interaction required? If yes, what?
This issue seemed to resolve. We tested about a week ago and it continues to connect successful today.
seems to be intermittent. on the apple side.
any plans on updating the certificate to something more secure that they still support?