WiFi News – Part 1: New Certificate for the RADIUS Server • IT Center Blog

WiFi News – Part 1: New Certificate for the RADIUS Server

May 17th, 2023 | by Nikolic, Jelena

Front view of smartphone and WiFi router

For the expiration of the server certificate of our authentication server radius.rz.rwth-aachen.de the certificate on the system will be exchanged on May 23, 2023. This has already been announced in the status message portal.

You will be affected by these changes the next time you log in to eduroam. What you have to do to continue using the WiFi, we explain in the following blog post.

New RADIUS Certificate

The server certificate of the RADIUS server is usually renewed every 13 months. On May 27, 2023, the current server certificate will expire. For this reason, a migration from the old server certificate for the RADIUS server to the new certificate will take place on May 23, 2023. The migration will normally be almost imperceptible for you.

What Does This Mean for Eduroam?

After the exchange of the server certificate on radius.rz.rwth-aachen.de, the operating system will indicate the change with a message. This will happen the next time you log in to eduroam after the target date. When connecting to the WiFi, users will be prompted to decide whether a WiFi connection should be established or not.

The message is displayed in full by clicking on “Show certificate details”. The certification authority and the fingerprint, which represents the uniqueness of a server, are shown to you. It is important to make sure that the displayed fingerprint matches the fingerprint of the new certificate.

Message with fingerprint when logging into eduroam

Source: Own illustration

Fingerprints

For your orientation we have summarized the fingerprints of the RADIUS server on IT Center Help. In this overview, first look for the authority that issued the certificate, such as DFN-Verein Global Issuing CA. Depending on which operating system is used, the SHA1 fingerprint, the SHA256 fingerprint or the serial number is requested. You then compare these fingerprints in IT Center Help with the ones displayed to you when you connect to eduroam.

The reason for matching the fingerprints is that hackers cannot simply grab network access data from users who click “Connect” without verification. Just as human fingerprints are unique, so are those of servers.

If the fingerprint does not match, you have the following two options:

note the time, location, and fingerprint. Then report it to the IT-ServiceDesk via e-mail.
go to another location and try again to log in to eduroam.

Further help and configuration instructions for the corresponding operating systems can also be found on IT Center Help.

In the second part of the WiFi News blog series, we will give you a general overview of the relationship between certificates and eduroam.

Responsible for the content of this article is Jelena Ćulum.

Kategorie: General, Announcements, IT-Security, IT-Managers, Employees, Students
Schlagworte: eduroam, RADIUS, WLAN, Zertifikate
Kommentare und Trackbacks sind geschlossen

Comments are closed.

Entries Comments

Language:
- Deutsch
- English
Welcome!

Glad you’re here.

On the IT Center Blog we publish articles on current topics, provide information and introduce people, services and much more around the IT Center of RWTH Aachen University.

Feel free to comment on our posts to get involved and get in touch with us – the opportunity for a lively exchange.

We hope you enjoy reading our articles or browsing through the various categories.
Categories

Categories
read more…
Follow Us

IT Center Blog