Appendix

Content

01. How to Generate Customized Certificate?

Several tools are available to create self-signed certificates. In this tutorial, we will use OpenSSL to create a self-signed certificate for secure LDAP.

To get started:

Generate the certificate:
- Download FreeRADIUS code from https://github.com/FreeRADIUS/freeradius-server/tree/master/raddb/certs.
- Navigate to the directory: cd raddb/cert/
- Adjust the customized information in the .cnf file (e.g., domain name, expiration duration, location, etc.).
- Run the bootstrap script: ./bootstrap
- Zip the certificate files: zip cert.zip server.pem dh ca.pem
Click Import and Zip File Upload to upload cert.zip to EnGenius Cloud.

Export ca.pem and install it on the client device if requested.

Note:

Some browsers might complain about the self-signed certificate and display a "Not Trusted" warning message. If so, the user needs to search for an official Certificate Authority (CA) to apply for a formal CA certificate to avoid the warning message.

02. Supported Operating Systems and Models

EAP-TTLS/PAP and TLS 1.2+ are essential on client devices. The following operating systems have native support and are verified to work with EnGenius Cloud AP:

iOS version 13 and higher
Google Chrome OS
Android version 6 and higher
Microsoft Windows 8 and higher
MacOS 11 and higher

Verified Client Device List:

Manufacturer

Model

Operating System

Apple

iPhone 7 Plus

iOS 13.1.3

Apple

iPhone 11

IOS 15.4

Apple

iPhone 12

iOS 14.1

Apple

iPhone XS

IOS 14.6

Apple

MacBook Air (M1,2020)

MacOS 12.3

Apple

iPad Air A1474 (2013)

iOS 12.5.5

Lenovo

IdeaPad Duet CT-X636F

Chrome OS 72

Google

Pixel 3a

Android 11

ProBook 450 G8

Windows 10

Samsung

S21

Android 11

Samsung

Note 4

Android 6.0.1

03. Software Architecture

Captive portal with Azure AD Server

WPA2/WPA3-Enterprise with Azure AD Server

PreviousSetup LDAP Profile on Client Devices NextTroubleshooting

Last updated 6 months ago