Following this warning on the change of the root certificate, you need to switch:
From the old T-Telesec GlobalRoot Class 2
certificate, which is called T-TeleSec_GlobalRoot_Class_2.pem
and which was outdated already in November 2023 at another university so that each university will run into this after some time.
To the USERTrust RSA Certification Authority
certificate with the file USERTrust_RSA_Certification_Authority.pem
, which should be already in your certificates folder. If not, you need to follow the guides on the net of how to install eduroam or try finding that certificate and putting it in the same folder where the old certificate is.
Mind the remark of this user:
Keep in mind that Eduroam does not have a central system or a single
CA certificate – each institution runs their own RADIUS servers and
makes those decisions independently (with Eduroam being basically just
a giant routing table), so the certificate that you're seeing depends
entirely on the @domain
specified in your "Anonymous Identity", and
only your own "home" institution's docs can say which CA is the right
one to use.
That tells us why the eduroam deadlines are not the same across all universities and why it likely is not easy to know by staff of each university. The link above showed that it was outdated already in November 2023 at another university while for me, it outdated only in January 2024.
This is how you can switch on Linux, just as an example. You need to go to the settings of eduroam and there, to the security tab:
![enter image description here](https://cdn.statically.io/img/i.sstatic.net/9VnlT.png)
If you click on the certificate, the list of certificates looks like:
![enter image description here](https://cdn.statically.io/img/i.sstatic.net/Q9UrG.png)
On all OS, it should be the same thing, you need the new certificate.