Skip to main content

I have configured the network settings and deployed to 250 device and 60 % of device its got success and wifi is auto connected (certificate - certroot A) and no issue and only 40 % of device is having issue (certroot B) and not getting conneted and getting below error all the time.

once thing i noted without network settings its working fine user able to connect the wifi only when i apply that certificate and network settings its getting below error & certificate is valid and same i am using in jamf for the deployment & its trusted in jamf aswell.

2024-04-19 13:53:35.239211+0200 localhost eapolclient[8831]: [com.apple.eapol:Client] en0 START uid 501 gid 20 2024-04-19 13:53:35.275909+0200 localhost eapolclient[8831]: [com.apple.eapol:Client] EAP identity privacy is not required 2024-04-19 13:53:35.281989+0200 localhost eapolclient[8831]: [com.apple.eapol:Client] en0: 802.1X User Mode 2024-04-19 13:53:35.546909+0200 localhost eapolclient[8831]: (EAP8021X) [com.apple.eapol:Client] output handler received message_length: [154], is_complete:[false] 2024-04-19 13:53:35.546931+0200 localhost eapolclient[8831]: (EAP8021X) [com.apple.eapol:Client] [output_handler]: updated handshake status to [errSSLWouldBlock]:[-9803] 2024-04-19 13:53:35.637896+0200 localhost eapolclient[8831]: (EAP8021X) [com.apple.eapol:Client] trust exception not applied, trust settings not applied 2024-04-19 13:53:35.640513+0200 localhost eapolclient[8831]: (EAP8021X) [com.apple.eapol:Client] SecTrustEvaluateWithError failed, Error Domain=NSOSStatusErrorDomain Code=-67602 "“IT-S-RAD.XXX.com” certificate name does not match input" UserInfo={NSLocalizedDescription=“IT-S-RAD.XXX.com” certificate name does not match input, NSUnderlyingError=0x13a9114e0 {Error Domain=NSOSStatusErrorDomain Code=-67602 "Certificate 0 “IT-S-RAD.XXX.com” has errors: Trusted EAP hostname does not match name(s) in certificate;" UserInfo={NSLocalizedDescription=Certificate 0 “IT-S-RAD.XXX.com” has errors: Trusted EAP hostname does not match name(s) in certificate;}}} 2024-04-19 13:53:35.640539+0200 localhost eapolclient[8831]: (EAP8021X) [com.apple.eapol:Client] server certificate not trusted status 1001 -9807 2024-04-19 13:53:35.640582+0200 localhost eapolclient[8831]: (EAP8021X) [com.apple.eapol:Client] output handler received message_length: [7], is_complete:[false] 2024-04-19 13:53:35.640594+0200 localhost eapolclient[8831]: (EAP8021X) [com.apple.eapol:Client] [output_handler]: updated handshake status to [errSSLWouldBlock]:[-9803] 2024-04-19 13:53:35.640704+0200 localhost eapolclient[8831]: [com.apple.eapol:Client] en0 EAP-TLS: authentication failed with status 1001 2024-04-19 13:53:35.645405+0200 localhost eapolclient[8831]: [com.apple.eapol:Client] State=Held Status=SecurityError (1001): errSSLXCertChainInvalid (-9807): <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>AdditionalProperties</key> <dict> <key>TLSServerCertificateChain</key> <array> <data> MIIGqTCCBJGgAwIBAgITHQAC9XiFH3YX5Tno/AAFAAL1eDANBgkq hkiG9w0BAQsFADBwMQswCQYDVQQGEwJDSDEPMA0GA1UECBMGWnVy aWNoMQ8wDQYDVQQHEwZadXJpY2gxJDAiBgNVBAoTG0FCQiBJbmZv cm1hdGlvbiBTeXN0ZW1zIEx0ZDEZMBcGA1UEAxMQQUJCIElzc3Vp bmcgQ0EgMzAeFw0yMzA0MTIxMjIwMDZaFw0yNTA0MDExMjIwMDZa MGQxCzAJBgNVBAYTAkNIMQ8wDQYDVQQHEwZadXJpY2gxIjAgBgNV BAoTGUFCQiBBc2VhIEJyb3duIEJvdmVyaSBMdGQxIDAeBgNVBAMT F0lULVMtUkFEMDAwMy5pdC5hYmIuY29tMIIBIjANBgkqhkiG9w0B AQEFAAOCAQ8AMIIBCgKCAQEArcW8wIT8lZPXs8iAt4x9U6GjXJ16 xPuCGzWcEOERahE6mTn+VHcgyodyP0wsR1D2lRpqyW2DNlUX8 MALObl5mYZkJ1NBuxP6FaDxz+M/pnkXrQqxJIFs8ipa7ArpHGD6z J6Ag5fo5QTqFITIUAp5nW90fjeYi5HyH9SB3VxIczO5<…> 2024-04-19 13:53:37.088668+0200 localhost eapolclient[8831]: [com.apple.eapol:Client] en0 STOP
Be the first to reply!