Meraki Authentication Server Certificate Rotations
Overview
As part of a standard yearly certificate rotation to maintain Meraki Authentication security, Meraki rotates the RADIUS server certificate used for Meraki Authentication at a yearly cadence. The following is the expected impact and remediation steps of these yearly rotations. Any Meraki hardware device connected using Meraki Cloud Authentication, should be aware of these yearly certificate rotations. After each yearly rotation, Meraki Cloud Authentication with certificate based authentication will start to use a new certificate.
The example below is a Meraki MR SSID Access Control page which is using Meraki Cloud Authentication with Meraki Systems Manager managed Sentry Wi-Fi.
Meraki Authentication with Sentry Wi-Fi
For Sentry Wi-Fi connected devices, the Wi-Fi profile and certificate are managed by Meraki Systems Manager and thus automatically updated. Users of Meraki Authentication with Systems Manager Sentry Wi-Fi where devices have been were online during the rotation period will have no user-visible impact.
Note: Users with devices which were not online during the rotation period simply need to associate to another SSID to allow the devices to check in with dashboard for long enough (~2 minutes) to allow a check-in cycle to complete in order to receive the updated payload and resume normal operation.
Meraki Authentication without Sentry Wi-Fi
Users of Meraki Cloud Authentication via certificate based authentication without Sentry Wi-Fi will need to 'trust' the new certificate with the below information upon associating to the Meraki Authentication SSID. Some devices may require the SSID to be "forgotten" before they will prompt to accept the new certificate.
Note: See the Certificate Details below for the new certificate.
Trusted Access
Users of a Trusted Access configuration to an SSID will need to re-download their device's Trusted Access configuration from portal.meraki.com on or after the rotation date.
Certificate Details
Below is a copy of the certificate which users will be required to accept, as well as the plaintext output from reading the certificate with openssl.
Certificate details 2023-2024
meraki$ openssl x509 -noout -text -in ./new.meraki-auth-radius.cert
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:a8:0e:38:6b:b9:81:02:9a:78:59:c0:32:71:03:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, O = DigiCert Inc, CN = DigiCert Global G2 TLS RSA SHA256 2020 CA1
Validity
Not Before: Sep 5 00:00:00 2023 GMT
Not After : Sep 3 23:59:59 2024 GMT
Subject: C = US, ST = California, L = San Francisco, O = Meraki LLC, CN = radius.meraki.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (4096 bit)
Modulus:
00:f8:85:7f:81:f9:0d:2e:89:48:c4:18:79:58:22:
4f:a6:66:93:9b:5d:a1:8b:63:26:f6:49:c2:e0:61:
84:e6:4b:a1:27:cb:fb:f8:54:4d:b4:21:46:c3:a2:
7e:b7:05:0c:c7:b8:9f:5e:09:4c:8f:f3:f4:9b:cb:
83:dd:11:af:d8:c5:10:b4:76:e7:99:c9:5a:bf:2f:
06:49:73:4e:16:09:20:22:d8:b8:93:d1:c4:b4:b9:
df:da:6e:67:8c:91:41:a4:c7:f2:d3:ed:6f:6c:3a:
a9:9b:ef:bf:91:9e:7f:7c:73:c6:6c:32:b0:85:05:
9f:bd:58:be:81:aa:af:dc:93:65:10:b0:06:ca:bf:
1a:8f:fb:2e:f5:be:de:f8:88:9d:81:c3:4a:38:97:
2e:a2:37:67:31:89:05:7a:2a:fb:5c:0d:da:10:97:
8a:1b:e4:04:6e:b2:8e:ab:08:23:bc:42:b0:9e:b0:
1a:5d:4d:a8:47:f9:b4:37:a6:c7:a4:cc:c8:a5:4e:
cb:ab:61:17:fc:81:22:5d:34:82:e6:db:39:03:2e:
c8:2a:76:3c:57:b3:aa:f8:e0:fa:37:d9:10:7a:0b:
8f:de:3a:4c:99:be:69:13:ec:62:3e:9e:af:9a:c7:
6c:7d:e4:c6:1b:4c:6d:a9:1d:fe:b1:46:34:a4:c9:
86:80:43:c0:69:96:0d:41:82:84:3d:88:b4:d1:1c:
d4:d2:d0:06:30:81:de:0f:3d:0b:d4:ea:a9:63:5b:
a2:e0:75:b0:b5:2f:14:97:2d:ee:f8:05:fa:99:fa:
7e:e2:da:e2:78:54:5b:18:9c:d6:62:82:05:5b:73:
e1:c0:fa:a1:76:f6:77:18:fb:b9:1b:c6:96:88:62:
9e:84:5a:d7:78:5a:00:87:8d:69:fc:8f:75:25:2e:
14:13:54:44:26:e7:c4:19:4f:b7:89:4b:b0:f2:9a:
78:b5:71:e5:29:f7:b3:3c:32:86:3b:45:06:fb:ab:
8b:30:48:28:b5:96:8c:0e:bb:5a:24:33:8c:52:97:
c0:67:78:d9:2e:14:38:1a:c6:c6:b5:02:41:03:f2:
16:be:a3:48:9d:50:d8:87:1e:87:6e:88:2b:e6:b3:
49:df:6a:fc:30:15:cd:83:79:7e:ad:f2:c4:49:ff:
11:43:65:3f:f0:78:aa:f7:fd:08:b6:19:12:46:46:
24:82:1b:af:61:08:e6:99:f5:f2:f5:2a:fa:d7:e6:
55:40:43:a0:d7:d8:fb:eb:a7:fb:22:0a:57:7f:3e:
ef:b2:d4:26:d6:84:c2:e6:e9:91:85:d9:37:06:f2:
3e:58:f9:37:29:05:bf:b6:1e:4b:97:42:2d:00:eb:
5e:62:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:74:85:80:C0:66:C7:DF:37:DE:CF:BD:29:37:AA:03:1D:BE:ED:CD:17
X509v3 Subject Key Identifier:
3C:F7:FC:6E:50:0B:16:F3:07:F6:85:22:63:7D:34:12:5D:1A:A0:6E
X509v3 Subject Alternative Name:
DNS:radius.meraki.com
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl3.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
Full Name:
URI:http://crl4.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crl
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.2
CPS: http://www.digicert.com/CPS
Authority Information Access:
OCSP - URI:http://ocsp.digicert.com
CA Issuers - URI:http://cacerts.digicert.com/DigiCertGlobalG2TLSRSASHA2562020CA1-1.crt
X509v3 Basic Constraints: critical
CA:FALSE
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
Timestamp : Sep 5 23:16:13.633 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:12:94:33:EF:4B:16:7A:47:9E:8C:31:1D:
F1:79:72:FF:D2:CB:6B:F6:08:44:20:92:AC:65:78:63:
C4:E4:CB:43:02:21:00:ED:9E:EF:E0:69:BF:D5:68:52:
C2:C8:E8:E3:BF:3A:46:8D:46:B6:F5:43:DD:90:7D:03:
CD:7D:49:18:7E:E5:20
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
Timestamp : Sep 5 23:16:13.610 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:46:02:21:00:E2:9F:CD:0F:62:2F:DD:0A:B2:74:F0:
A0:33:AD:C3:EF:33:4C:8A:BA:AF:2A:9D:AD:65:76:E4:
AA:A2:4A:EF:44:02:21:00:C9:C9:BE:B2:49:C3:1F:1D:
8F:84:49:08:70:95:15:08:3C:59:53:6E:64:8E:DE:49:
AF:72:78:45:5C:BA:A2:14
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : DA:B6:BF:6B:3F:B5:B6:22:9F:9B:C2:BB:5C:6B:E8:70:
91:71:6C:BB:51:84:85:34:BD:A4:3D:30:48:D7:FB:AB
Timestamp : Sep 5 23:16:13.514 2023 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:29:A8:62:63:0B:D5:28:A9:3C:B5:76:D6:
A3:40:E8:E9:3F:B9:43:C2:8A:5C:DA:A5:1C:3F:03:30:
85:12:20:23:02:21:00:B3:DF:34:32:BE:91:CC:14:1B:
95:E9:56:34:37:80:53:A5:61:07:0A:83:CA:88:D5:D0:
9C:23:2D:CF:A8:C9:E6
Signature Algorithm: sha256WithRSAEncryption
2e:08:72:50:90:80:d8:29:2d:18:3e:b2:2c:b7:4c:86:42:68:
1e:df:0c:85:f9:64:f9:a1:01:28:27:05:2f:b3:23:57:31:5a:
d0:26:0d:b1:70:23:8d:3f:70:7f:33:b4:3d:c4:75:cb:0e:f0:
78:31:d3:21:f0:53:f0:47:c1:2e:ac:df:d7:77:e5:16:45:d1:
cf:2e:0d:e4:a7:18:41:12:cd:41:df:53:b6:88:e8:b0:f0:48:
65:4f:78:d5:25:a5:a1:64:53:4b:0d:73:eb:be:58:74:ba:e7:
9c:aa:e1:51:e8:35:9a:64:9e:58:35:1b:9e:7d:71:aa:34:d3:
98:d8:4b:78:63:c6:e5:f9:11:d0:68:17:90:6d:b5:fe:50:2f:
99:a7:c2:c0:42:14:8b:0f:da:22:93:5a:2a:65:a1:cf:75:03:
cb:85:69:93:e8:18:80:28:9e:fc:02:51:c1:23:76:f5:b4:26:
88:44:20:7d:49:f4:8a:d7:d4:e8:5f:fe:67:32:8c:40:ee:1c:
fd:e3:79:f5:10:7b:13:9f:c9:4e:af:c2:82:a4:af:ae:1c:9e:
f6:88:1b:95:53:5a:5d:90:a1:91:00:b9:31:58:38:ac:a7:32:
cf:68:96:9f:95:23:6a:5e:c1:75:ea:68:75:8f:b5:7e:02:42:
3b:79:85:bc
#Meraki Authentication Radius Certificate -----BEGIN CERTIFICATE----- MIIH3jCCBsagAwIBAgIQBKgOOGu5gQKaeFnAMnEDWTANBgkqhkiG9w0BAQsFADBZ MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMTMwMQYDVQQDEypE aWdpQ2VydCBHbG9iYWwgRzIgVExTIFJTQSBTSEEyNTYgMjAyMCBDQTEwHhcNMjMw OTA1MDAwMDAwWhcNMjQwOTAzMjM1OTU5WjBrMQswCQYDVQQGEwJVUzETMBEGA1UE CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzETMBEGA1UEChMK TWVyYWtpIExMQzEaMBgGA1UEAxMRcmFkaXVzLm1lcmFraS5jb20wggIiMA0GCSqG SIb3DQEBAQUAA4ICDwAwggIKAoICAQD4hX+B+Q0uiUjEGHlYIk+mZpObXaGLYyb2 ScLgYYTmS6Eny/v4VE20IUbDon63BQzHuJ9eCUyP8/Sby4PdEa/YxRC0dueZyVq/ LwZJc04WCSAi2LiT0cS0ud/abmeMkUGkx/LT7W9sOqmb77+Rnn98c8ZsMrCFBZ+9 WL6Bqq/ck2UQsAbKvxqP+y71vt74iJ2Bw0o4ly6iN2cxiQV6KvtcDdoQl4ob5ARu so6rCCO8QrCesBpdTahH+bQ3psekzMilTsurYRf8gSJdNILm2zkDLsgqdjxXs6r4 4Po32RB6C4/eOkyZvmkT7GI+nq+ax2x95MYbTG2pHf6xRjSkyYaAQ8Bplg1BgoQ9 iLTRHNTS0AYwgd4PPQvU6qljW6LgdbC1LxSXLe74BfqZ+n7i2uJ4VFsYnNZiggVb c+HA+qF29ncY+7kbxpaIYp6EWtd4WgCHjWn8j3UlLhQTVEQm58QZT7eJS7Dymni1 ceUp97M8MoY7RQb7q4swSCi1lowOu1okM4xSl8BneNkuFDgaxsa1AkED8ha+o0id UNiHHoduiCvms0nfavwwFc2DeX6t8sRJ/xFDZT/weKr3/Qi2GRJGRiSCG69hCOaZ 9fL1KvrX5lVAQ6DX2Pvrp/siCld/Pu+y1CbWhMLm6ZGF2TcG8j5Y+TcpBb+2HkuX Qi0A615i/QIDAQABo4IDjjCCA4owHwYDVR0jBBgwFoAUdIWAwGbH3zfez70pN6oD Hb7tzRcwHQYDVR0OBBYEFDz3/G5QCxbzB/aFImN9NBJdGqBuMBwGA1UdEQQVMBOC EXJhZGl1cy5tZXJha2kuY29tMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggr BgEFBQcDAQYIKwYBBQUHAwIwgZ8GA1UdHwSBlzCBlDBIoEagRIZCaHR0cDovL2Ny bDMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYyMDIw Q0ExLTEuY3JsMEigRqBEhkJodHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNl cnRHbG9iYWxHMlRMU1JTQVNIQTI1NjIwMjBDQTEtMS5jcmwwPgYDVR0gBDcwNTAz BgZngQwBAgIwKTAnBggrBgEFBQcCARYbaHR0cDovL3d3dy5kaWdpY2VydC5jb20v Q1BTMIGHBggrBgEFBQcBAQR7MHkwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmRp Z2ljZXJ0LmNvbTBRBggrBgEFBQcwAoZFaHR0cDovL2NhY2VydHMuZGlnaWNlcnQu Y29tL0RpZ2lDZXJ0R2xvYmFsRzJUTFNSU0FTSEEyNTYyMDIwQ0ExLTEuY3J0MAwG A1UdEwEB/wQCMAAwggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB2AO7N0GTV2xrO xVy3nbTNE6Iyh0Z8vOzew1FIWUZxH7WbAAABimeh1MEAAAQDAEcwRQIgEpQz70sW ekeejDEd8Xly/9LLa/YIRCCSrGV4Y8Tky0MCIQDtnu/gab/VaFLCyOjjvzpGjUa2 9UPdkH0DzX1JGH7lIAB3AEiw42vapkc0D+VqAvqdMOscUgHLVt0sgdm7v6s52IRz AAABimeh1KoAAAQDAEgwRgIhAOKfzQ9iL90KsnTwoDOtw+8zTIq6ryqdrWV25Kqi Su9EAiEAycm+sknDHx2PhEkIcJUVCDxZU25kjt5Jr3J4RVy6ohQAdgDatr9rP7W2 Ip+bwrtca+hwkXFsu1GEhTS9pD0wSNf7qwAAAYpnodRKAAAEAwBHMEUCICmoYmML 1SipPLV21qNA6Ok/uUPCilzapRw/AzCFEiAjAiEAs980Mr6RzBQblelWNDeAU6Vh BwqDyojV0JwjLc+oyeYwDQYJKoZIhvcNAQELBQADggEBAC4IclCQgNgpLRg+siy3 TIZCaB7fDIX5ZPmhASgnBS+zI1cxWtAmDbFwI40/cH8ztD3EdcsO8Hgx0yHwU/BH wS6s39d35RZF0c8uDeSnGEESzUHfU7aI6LDwSGVPeNUlpaFkU0sNc+u+WHS655yq 4VHoNZpknlg1G559cao005jYS3hjxuX5EdBoF5Bttf5QL5mnwsBCFIsP2iKTWipl oc91A8uFaZPoGIAonvwCUcEjdvW0JohEIH1J9IrX1Ohf/mcyjEDuHP3jefUQexOf yU6vwoKkr64cnvaIG5VTWl2QoZEAuTFYOKynMs9olp+VI2pewXXqaHWPtX4CQjt5 hbw= -----END CERTIFICATE-----
Certificate details 2022-2023
meraki$ openssl x509 -noout -text -in ./new.meraki-auth-radius.cert
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:2d:f7:84:e3:69:bb:fe:b8:ce:3b:1c:51:96:4f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, O = DigiCert Inc, CN = DigiCert TLS RSA SHA256 2020 CA1
Validity
Not Before: Dec 1 00:00:00 2022 GMT
Not After : Nov 30 23:59:59 2023 GMT
Subject: C = US, ST = California, L = San Francisco, O = Meraki LLC, CN = radius.meraki.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (4096 bit)
Modulus:
00:93:98:86:06:a9:c7:7f:7d:e8:e1:bf:97:6d:69:
30:37:b3:b4:33:f7:08:79:b7:33:0b:d5:df:c9:a9:
95:ca:e0:9a:0b:a1:1b:bb:22:d8:ca:ec:29:aa:bc:
73:76:f9:e3:b8:a6:62:c3:29:c4:fc:ee:e7:3b:7e:
c9:e6:3d:5d:43:75:31:38:7f:f4:54:15:39:63:fd:
b2:1e:e4:63:52:8d:7e:2a:4b:66:8b:6c:c3:29:97:
97:ba:95:fb:27:ee:05:8d:5e:47:b9:cf:12:5c:c5:
df:b6:47:5b:0f:90:f0:f0:4d:09:ca:85:8c:55:f4:
93:ed:54:ad:cb:0c:36:e6:b3:cc:a2:d4:46:02:d5:
c9:d7:de:a7:75:43:1f:f9:cb:a2:10:15:da:16:0a:
e1:eb:b9:87:f5:24:4b:d3:b8:c0:8c:2a:2e:65:23:
3f:21:3a:40:e3:3c:0c:f1:4e:7f:18:c4:ae:1d:b3:
79:cd:62:ed:54:7d:b3:90:f5:c4:8b:13:cd:2b:0e:
6c:d4:3a:94:aa:32:67:99:23:6c:59:9c:72:7e:d7:
34:06:d3:bb:df:1d:b4:23:c9:cf:e3:4a:d2:30:1f:
19:24:30:9c:ad:5f:b3:93:8c:ce:4c:8b:cf:b0:ca:
22:1b:06:0c:41:71:9b:0c:bc:f0:11:34:22:04:e7:
9e:85:32:c8:7a:3a:a8:17:bc:a8:32:96:e0:13:0a:
11:a0:da:28:b4:10:ed:6b:e5:e3:56:ed:8e:42:f8:
61:be:65:45:81:1d:10:b3:a7:0e:8e:18:06:19:cc:
a1:57:aa:3d:aa:54:0b:4e:e2:2b:78:5b:2c:b7:b3:
33:94:71:11:2d:8e:9f:75:57:f1:fd:cf:43:46:e3:
3c:55:e8:a3:d3:c7:5a:9b:ce:26:a2:f9:c2:dc:10:
23:80:f5:79:90:7a:4e:2c:09:5c:f3:7e:de:3e:9b:
c1:90:2b:89:0a:dc:4d:70:f5:c8:e7:96:ab:87:ef:
78:be:2e:a8:9d:8a:4d:95:56:d6:52:5f:7c:54:8a:
74:91:32:de:e1:cc:7f:e9:d9:58:2b:75:a0:c0:19:
68:db:82:3f:8b:44:c5:11:8c:a8:d8:a0:87:3b:fa:
27:3a:1f:bb:94:ba:11:94:56:b3:75:7d:23:2a:3f:
ec:45:49:f4:bc:34:62:fa:d2:fe:aa:66:8a:8e:13:
c6:63:57:69:89:f5:f6:cb:c4:0d:2a:6b:9c:d5:f3:
4e:cd:b3:fa:79:b2:b5:32:17:f4:f3:bc:47:dd:4f:
ab:ff:1c:a2:a4:bd:c9:61:17:71:19:3a:60:23:54:
85:fc:34:c3:59:c2:fd:b8:91:65:58:7c:df:18:ac:
f3:b1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:B7:6B:A2:EA:A8:AA:84:8C:79:EA:B4:DA:0F:98:B2:C5:95:76:B9:F4
X509v3 Subject Key Identifier:
47:5D:46:67:F6:A5:B0:02:EE:8A:2C:8B:4B:B1:85:8E:71:90:26:CF
X509v3 Subject Alternative Name:
DNS:radius.meraki.com
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
Full Name:
URI:http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl
X509v3 Certificate Policies:
Policy: 2.23.140.1.2.2
CPS: http://www.digicert.com/CPS
Authority Information Access:
OCSP - URI:http://ocsp.digicert.com
CA Issuers - URI:http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt
X509v3 Basic Constraints:
CA:FALSE
CT Precertificate SCTs:
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E8:3E:D0:DA:3E:F5:06:35:32:E7:57:28:BC:89:6B:C9:
03:D3:CB:D1:11:6B:EC:EB:69:E1:77:7D:6D:06:BD:6E
Timestamp : Dec 1 23:40:10.163 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:80:FD:FA:45:1E:EB:07:A8:8B:B5:E2:
62:6F:F1:92:BA:6E:B4:29:55:B6:41:00:6F:7E:98:56:
56:C3:75:C6:67:02:20:3A:AB:85:D5:86:0C:97:D6:85:
5D:C0:9F:92:17:3F:F3:E4:DC:BB:F9:F9:B2:9E:D5:99:
46:2A:1E:55:16:73:55
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : B3:73:77:07:E1:84:50:F8:63:86:D6:05:A9:DC:11:09:
4A:79:2D:B1:67:0C:0B:87:DC:F0:03:0E:79:36:A5:9A
Timestamp : Dec 1 23:40:10.269 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:4F:B2:AE:16:44:20:B4:A8:4C:4D:3A:5E:
1D:33:52:A0:B0:65:86:10:40:03:A5:3B:E9:84:21:F9:
4A:F7:4D:DB:02:21:00:FE:55:92:C5:A0:9D:78:97:94:
B7:36:2D:25:FB:99:E6:47:5D:11:B7:91:FF:04:E9:72:
AB:BC:7B:A4:FD:F2:79
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : B7:3E:FB:24:DF:9C:4D:BA:75:F2:39:C5:BA:58:F4:6C:
5D:FC:42:CF:7A:9F:35:C4:9E:1D:09:81:25:ED:B4:99
Timestamp : Dec 1 23:40:10.221 2022 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:44:02:20:6A:2E:35:77:CD:58:57:E4:BE:E1:04:70:
80:82:84:BE:BA:79:07:DB:4B:EA:A3:30:18:C1:EE:29:
C0:E1:FA:B1:02:20:32:45:E3:FA:A0:A5:03:2E:09:DE:
AE:1B:13:0D:4D:1F:A2:45:1E:4F:F7:B4:7D:AA:52:B6:
F2:86:23:CD:32:9D
Signature Algorithm: sha256WithRSAEncryption
6e:60:1b:81:9e:b8:84:4d:75:77:69:df:7d:6d:90:ea:69:ad:
64:74:d3:8b:4f:3b:8c:38:b7:35:3d:22:26:c5:16:ae:5f:93:
88:b3:48:99:f7:cf:d1:68:d8:15:17:6f:bf:57:f8:9a:df:4b:
74:96:51:63:ff:18:1a:f2:b4:08:09:a6:83:73:b4:2d:7c:c6:
10:cd:59:e5:a4:7c:b7:6e:62:c4:f3:51:7f:90:f5:c3:15:5b:
6c:85:19:04:d9:9e:2d:ba:a0:8b:98:28:a4:df:f7:55:7f:ed:
5c:ad:90:d7:9b:84:b2:ce:38:6a:b1:df:83:dd:38:ef:0a:e6:
7f:c2:27:4f:7d:a5:d1:c3:49:d6:ef:a0:61:e2:c9:76:21:f9:
7c:0a:91:24:6e:ea:6b:6d:fb:d2:06:8c:40:78:a5:79:18:0c:
fd:63:01:57:37:b1:ca:9c:3d:7a:64:61:a9:2d:4f:c9:5e:a1:
ef:b6:70:73:f2:52:71:5c:9d:4d:aa:7e:ed:63:40:c2:7d:12:
38:f9:53:20:68:6b:b7:ed:95:91:ca:1e:88:85:e5:44:71:21:
08:75:a2:f5:7d:40:c6:49:b6:61:a8:c7:d9:6e:7a:46:a8:f1:
82:be:29:7c:1d:50:65:f9:f3:a3:8d:a5:cc:c4:1f:f2:cf:64:
2c:60:b7:e1
#Meraki Authentication Radius Certificate -----BEGIN CERTIFICATE----- MIIHtjCCBp6gAwIBAgIQDi33hONpu/64zjscUZZP/zANBgkqhkiG9w0BAQsFADBP MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMSkwJwYDVQQDEyBE aWdpQ2VydCBUTFMgUlNBIFNIQTI1NiAyMDIwIENBMTAeFw0yMjEyMDEwMDAwMDBa Fw0yMzExMzAyMzU5NTlaMGsxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y bmlhMRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMwEQYDVQQKEwpNZXJha2kgTExD MRowGAYDVQQDExFyYWRpdXMubWVyYWtpLmNvbTCCAiIwDQYJKoZIhvcNAQEBBQAD ggIPADCCAgoCggIBAJOYhgapx3996OG/l21pMDeztDP3CHm3MwvV38mplcrgmguh G7si2MrsKaq8c3b547imYsMpxPzu5zt+yeY9XUN1MTh/9FQVOWP9sh7kY1KNfipL ZotswymXl7qV+yfuBY1eR7nPElzF37ZHWw+Q8PBNCcqFjFX0k+1UrcsMNuazzKLU RgLVydfep3VDH/nLohAV2hYK4eu5h/UkS9O4wIwqLmUjPyE6QOM8DPFOfxjErh2z ec1i7VR9s5D1xIsTzSsObNQ6lKoyZ5kjbFmccn7XNAbTu98dtCPJz+NK0jAfGSQw nK1fs5OMzkyLz7DKIhsGDEFxmwy88BE0IgTnnoUyyHo6qBe8qDKW4BMKEaDaKLQQ 7Wvl41btjkL4Yb5lRYEdELOnDo4YBhnMoVeqPapUC07iK3hbLLezM5RxES2On3VX 8f3PQ0bjPFXoo9PHWpvOJqL5wtwQI4D1eZB6TiwJXPN+3j6bwZAriQrcTXD1yOeW q4fveL4uqJ2KTZVW1lJffFSKdJEy3uHMf+nZWCt1oMAZaNuCP4tExRGMqNighzv6 Jzofu5S6EZRWs3V9Iyo/7EVJ9Lw0YvrS/qpmio4TxmNXaYn19svEDSprnNXzTs2z +nmytTIX9PO8R91Pq/8coqS9yWEXcRk6YCNUhfw0w1nC/biRZVh83xis87FFAgMB AAGjggNwMIIDbDAfBgNVHSMEGDAWgBS3a6LqqKqEjHnqtNoPmLLFlXa59DAdBgNV HQ4EFgQUR11GZ/alsALuiiyLS7GFjnGQJs8wHAYDVR0RBBUwE4IRcmFkaXVzLm1l cmFraS5jb20wDgYDVR0PAQH/BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggr BgEFBQcDAjCBjwYDVR0fBIGHMIGEMECgPqA8hjpodHRwOi8vY3JsMy5kaWdpY2Vy dC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIwQ0ExLTQuY3JsMECgPqA8hjpo dHRwOi8vY3JsNC5kaWdpY2VydC5jb20vRGlnaUNlcnRUTFNSU0FTSEEyNTYyMDIw Q0ExLTQuY3JsMD4GA1UdIAQ3MDUwMwYGZ4EMAQICMCkwJwYIKwYBBQUHAgEWG2h0 dHA6Ly93d3cuZGlnaWNlcnQuY29tL0NQUzB/BggrBgEFBQcBAQRzMHEwJAYIKwYB BQUHMAGGGGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBJBggrBgEFBQcwAoY9aHR0 cDovL2NhY2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0VExTUlNBU0hBMjU2MjAy MENBMS0xLmNydDAJBgNVHRMEAjAAMIIBfQYKKwYBBAHWeQIEAgSCAW0EggFpAWcA dgDoPtDaPvUGNTLnVyi8iWvJA9PL0RFr7Otp4Xd9bQa9bgAAAYTQD9gzAAAEAwBH MEUCIQCA/fpFHusHqIu14mJv8ZK6brQpVbZBAG9+mFZWw3XGZwIgOquF1YYMl9aF XcCfkhc/8+Tcu/n5sp7VmUYqHlUWc1UAdgCzc3cH4YRQ+GOG1gWp3BEJSnktsWcM C4fc8AMOeTalmgAAAYTQD9idAAAEAwBHMEUCIE+yrhZEILSoTE06Xh0zUqCwZYYQ QAOlO+mEIflK903bAiEA/lWSxaCdeJeUtzYtJfuZ5kddEbeR/wTpcqu8e6T98nkA dQC3Pvsk35xNunXyOcW6WPRsXfxCz3qfNcSeHQmBJe20mQAAAYTQD9htAAAEAwBG MEQCIGouNXfNWFfkvuEEcICChL66eQfbS+qjMBjB7inA4fqxAiAyReP6oKUDLgne rhsTDU0fokUeT/e0fapStvKGI80ynTANBgkqhkiG9w0BAQsFAAOCAQEAbmAbgZ64 hE11d2nffW2Q6mmtZHTTi087jDi3NT0iJsUWrl+TiLNImffP0WjYFRdvv1f4mt9L dJZRY/8YGvK0CAmmg3O0LXzGEM1Z5aR8t25ixPNRf5D1wxVbbIUZBNmeLbqgi5go pN/3VX/tXK2Q15uEss44arHfg9047wrmf8InT32l0cNJ1u+gYeLJdiH5fAqRJG7q a2370gaMQHileRgM/WMBVzexypw9emRhqS1PyV6h77Zwc/JScVydTap+7WNAwn0S OPlTIGhrt+2VkcoeiIXlRHEhCHWi9X1Axkm2YajH2W56Rqjxgr4pfB1QZfnzo42l zMQf8s9kLGC34Q== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEvjCCA6agAwIBAgIQBtjZBNVYQ0b2ii+nVCJ+xDANBgkqhkiG9w0BAQsFADBh MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD QTAeFw0yMTA0MTQwMDAwMDBaFw0zMTA0MTMyMzU5NTlaME8xCzAJBgNVBAYTAlVT MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxKTAnBgNVBAMTIERpZ2lDZXJ0IFRMUyBS U0EgU0hBMjU2IDIwMjAgQ0ExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwUuzZUdwvN1PWNvsnO3DZuUfMRNUrUpmRh8sCuxkB+Uu3Ny5CiDt3+PE0J6a qXodgojlEVbbHp9YwlHnLDQNLtKS4VbL8Xlfs7uHyiUDe5pSQWYQYE9XE0nw6Ddn g9/n00tnTCJRpt8OmRDtV1F0JuJ9x8piLhMbfyOIJVNvwTRYAIuE//i+p1hJInuW raKImxW8oHzf6VGo1bDtN+I2tIJLYrVJmuzHZ9bjPvXj1hJeRPG/cUJ9WIQDgLGB Afr5yjK7tI4nhyfFK3TUqNaX3sNk+crOU6JWvHgXjkkDKa77SU+kFbnO8lwZV21r eacroicgE7XQPUDTITAHk+qZ9QIDAQABo4IBgjCCAX4wEgYDVR0TAQH/BAgwBgEB /wIBADAdBgNVHQ4EFgQUt2ui6qiqhIx56rTaD5iyxZV2ufQwHwYDVR0jBBgwFoAU A95QNVbRTLtm8KPiGxvDl7I90VUwDgYDVR0PAQH/BAQDAgGGMB0GA1UdJQQWMBQG CCsGAQUFBwMBBggrBgEFBQcDAjB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGG GGh0dHA6Ly9vY3NwLmRpZ2ljZXJ0LmNvbTBABggrBgEFBQcwAoY0aHR0cDovL2Nh Y2VydHMuZGlnaWNlcnQuY29tL0RpZ2lDZXJ0R2xvYmFsUm9vdENBLmNydDBCBgNV HR8EOzA5MDegNaAzhjFodHRwOi8vY3JsMy5kaWdpY2VydC5jb20vRGlnaUNlcnRH bG9iYWxSb290Q0EuY3JsMD0GA1UdIAQ2MDQwCwYJYIZIAYb9bAIBMAcGBWeBDAEB MAgGBmeBDAECATAIBgZngQwBAgIwCAYGZ4EMAQIDMA0GCSqGSIb3DQEBCwUAA4IB AQCAMs5eC91uWg0Kr+HWhMvAjvqFcO3aXbMM9yt1QP6FCvrzMXi3cEsaiVi6gL3z ax3pfs8LulicWdSQ0/1s/dCYbbdxglvPbQtaCdB73sRD2Cqk3p5BJl+7j5nL3a7h qG+fh/50tx8bIKuxT8b1Z11dmzzp/2n3YWzW2fP9NsarA4h20ksudYbj/NhVfSbC EXffPgK2fPOre3qGNm+499iTcc+G33Mw+nur7SpZyEKEOxEXGlLzyQ4UfaJbcme6 ce1XR2bFuAJKZTRei9AqPCCcUZlM51Ke92sRKw2Sfh3oius2FkOH6ipjv3U/697E A7sKPPcw7+uvTPyLNhBzPvOk -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3 d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97 nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt 43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4 gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg 06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4= -----END CERTIFICATE-----