Skip to content
GET HELP
OIT_Knowledge_Base

Certificate Warning for Eduroam

Print Friendly and PDF

When connecting to eduroam for the first time, it is normal to see the following message:

"The server radius.ns.utk.edu presented a valid certificate issued by AddTrust External CA Root, but AddTrust External CA Root is not configured as a valid trust anchor for this profile"

Note: If the message says that the certificate is not valid, DO NOT CONNECT!  Connecting to such a network could lead a compromise of your username and password.  Contact the HelpDesk at 865-974-9900 and report the issue immediately. 

This warning is due to the wireless client not being configured to expect a TLS certificate with a name of 'radius.ns.utk.edu' which was issued by AddTrust External CA Root.  When you connect to an https website, the users enters the URL (e.g.https://www.utk.edu).  The browser can validate that the entered URL matches the certificate and that the issuer of the certificate is trusted.  On a new wireless connection using the WPA2-Enterprise security protocol, the client doesn't know what the name of the certificate should be, so it must ask user to verify that it is correct. 

For eduroam, our certificate uses the name 'radius.ns.utk.edu'.  The root CA for the certificate is Addtrust External Root CA.

 

Need more help?

The flagship campus of the University of Tennessee System and partner in the Tennessee Transfer Pathway.