@TheoStav wrote: Going back to this, because its a public CA he is using... Wouldnt devices just trust it ? isnt that the point of purchasing a public CA rather than use a self-signed ? Aa SSL certificate on a server says I am the legit owner of a DNS entry. If you used the same DNS entry to access that server then you are talking to the legit owner. For WiFi authentication the system does not connect to a DNS name. It merely sees a certificate, and there is no way to verify that whoever is presenting it has a right to use it. A lot of WiFi clients don't like seeing a self signed certificate. However if you make a self signed CA certificate, and then create a certificate from that for the WiFi authentication, and you load your CA certificate into the client, then the client will be happy. So you can use a public SSL certificate, but the client will still present a prompt asking if you trust it - because it doesn't. Or you pre-install your own CA certificate, and the client gets no prompt, because it knows that it can trust it.
... View more