9

Eduroam does not work anymore from one day to the other, checked on many devices:

  • At first, I ran into this on my Linux laptop.

  • Then, my iPhone iOS tried to connect again and again, always dropping the connection at once. But after some time or by tapping around, not sure what I did, I got a prompt that let me accept a new certificate. After that, on my mobile phone, it worked again.

How can I fix this on my other devices and other OS? Is the certificate outdated?

Improve this question

1 Answer 1

Reset to default
10

Following this warning on the change of the root certificate, you need to switch:

  • From the old T-Telesec GlobalRoot Class 2 certificate, which is called T-TeleSec_GlobalRoot_Class_2.pem and which was outdated already in November 2023 at another university so that each university will run into this after some time.

  • To the USERTrust RSA Certification Authority certificate with the file USERTrust_RSA_Certification_Authority.pem, which should be already in your certificates folder. If not, you need to follow the guides on the net of how to install eduroam or try finding that certificate and putting it in the same folder where the old certificate is.

Mind the remark of this user:

Keep in mind that Eduroam does not have a central system or a single CA certificate – each institution runs their own RADIUS servers and makes those decisions independently (with Eduroam being basically just a giant routing table), so the certificate that you're seeing depends entirely on the @domain specified in your "Anonymous Identity", and only your own "home" institution's docs can say which CA is the right one to use.

That tells us why the eduroam deadlines are not the same across all universities and why it likely is not easy to know by staff of each university. The link above showed that it was outdated already in November 2023 at another university while for me, it outdated only in January 2024.

This is how you can switch on Linux, just as an example. You need to go to the settings of eduroam and there, to the security tab:

enter image description here

If you click on the certificate, the list of certificates looks like:

enter image description here

On all OS, it should be the same thing, you need the new certificate.

Improve this answer
1
  • 8
    Keep in mind that Eduroam does not have a central system or a single CA certificate – each institution runs their own RADIUS servers and makes those decisions independently (with Eduroam being basically just a giant routing table), so the certificate that you're seeing depends entirely on the @domain specified in your "Anonymous Identity", and only your own "home" institution's docs can say which CA is the right one to use.
    – grawity_u1686
    Commented Jan 6 at 18:41

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .