this post was submitted on 21 May 2025
5 points (100.0% liked)

networking

3085 readers
1 users here now

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

founded 2 years ago
MODERATORS
manifex
[email protected]
5
enterprise wifi auth and 47-day TLS certs (lemmy.world)
submitted 3 days ago* (last edited 3 days ago) by [email protected] to c/networking
3 comments fedilink hide all child comments
 

Has anybody heard if the upcoming 47-day maximum on TLS cert lifetime will apply to Enterprise wifi auth using private PKI (especally on IOS and Android)?

We have a campus CA that signs the TLS cert used by RADIUS when students connect to wifi using personal devices. Freshman need to accept the cert once (hopefully after checking the fingerprint), then usually one more time before graduation. Every 47 days would be difficult.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 3 days ago* (last edited 3 days ago)

Is the campus CA internal? I don't think TLS libraries will complain. I'm still using 2-year certs internally in my org without problems, and that's for web applications. My homelab internal certs (server to server) are still using in-house 5-year certs.