Home > Wireless LAN > Encryption and Authentication > Bypassing Server Certificate Validation for Troubleshooting

Bypassing Server Certificate Validation for Troubleshooting

Table of contents
No headers

​A fundamental component of RADIUS is a client's validation of the RADIUS server's identity. This is accomplished by hosting a certificate on the RADIUS server that has been validated by a trusted Certificate Authority (CA). If a self-signed certificate (or any certificate from an untrusted CA) is in use, most clients will reject the connection since they cannot validate the server's identity.

For troubleshooting purposes, server certificate validation can be disabled on one or multiple clients, allowing those clients to connect regardless of the certificate in use.

Note: It is strongly recommended to address this issue by using a trusted certificate. Disabling server validation as a permanent resolution introduces security risks on the network.

 

To disable the validation of server certificates in Windows 7:

  1. Navigate to Control Panel > Network and Sharing Center > Manage wireless networks.
    Note: If presented with different options, switch from View by Categories to either small or large icons.
  2. Right-click the network in question and choose Properties.
  3. On the Security tab, click Settings.
  4. Along the top, uncheck the box for Validate server certificate.

If using OS X, sometimes it can take up to 10 seconds for authentication to complete. This can occur if the if the RADIUS certificate, or any certificate in the chain, is configured or CRL or OCSP. Please refer to Apple support for more details.

For additional information on Meraki RADIUS configuration, please refer to the following article:

You must to post a comment.
Last modified
13:57, 2 Sep 2016

Tags

This page has no custom tags.

Classifications

This page has no classifications.

Article ID

ID: 1665

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case