iPad EAP-TLS configuration Guide
© 2010 by Aruba Networks Inc. All rights reserved. All computer programs referred to in this document contain
the confidential and intellectual property of Aruba Networks Inc. A released version of this document can be
obtained upon request from Aruba Networks document control. No part of this form may be used, copied,
disclosed, or transferred to any party without prior written authorization from Aruba Networks Inc. This
document is uncontrolled when printed.
Author
Andreas Zindel
Section Revised
Initial Document creation
Revision
Level
Revision
Date
1.0
7/23/10
CONTACT INFORMATION
Comments with regards to this document should be directed to Aruba Technical
Marketing.
© 2007-2010 by Aruba Networks, Inc.
Table of Contents
1
2
Introduction .............................................................................................................. 3
EAP-TLS Configuration ............................................................................................ 3
© 2007-2010 Aruba Networks, Inc.
Application Note
2
1 Introduction
This document describes how to configure an Apple iPad for EAP-TLS 802.1x
authentication. This document does not cover any network side configuration necessary
for 802.1x EAP-TLS.
2 EAP-TLS Configuration
To configure and deploy EAP-TLS with the iPad you must download and install the
iPhone Configuration Utility
For Windows http://support.apple.com/kb/dl926
For Mac OS http://support.apple.com/kb/DL851
Once you installed the iPad configuration utility you can configure the iPad for EAPTLS.
These instructions imply you have access to your organizations Root and Personal
Certificate needed for authentication. The root certificate and client certificate must be
installed on the PC from which you are configuring the iPad using the iPhone
configuration.
Connect your iPad to your PC
Open the iPad configuration Utility
Select Configuration Profiles
Click on New
© 2007-2010 Aruba Networks, Inc.
Application Note
3
Select General in the center column
Fill in the fields in the form on the right side
In the center console select Credentials
Select Configure
© 2007-2010 Aruba Networks, Inc.
Application Note
4
In the certificate dialog window select your organization’s root certificate and click OK
In the iPhone configuration application click on the + in the upper right corner to add the
Client Certificate needed for authentication.
In the certificate dialog window select your client certificate and click OK
© 2007-2010 Aruba Networks, Inc.
Application Note
5
In the case your client certificate is password protected for export, the iPhone
configuration utility will prompt you to enter this password. You will have to contact your
companies IT organization for the password.
Enter the password for the client certificate export and click OK
In the iPhone configuration utility you should see two Certificates now. The first is your
organizations ROOT certificate and the second is the client certificate used for
authentication.
Select WiFi in the Center column
Click on Configure on the right side
© 2007-2010 Aruba Networks, Inc.
Application Note
6
Type the Network Name (SSID) into the Service Set Identifier field and select WPA /
WPA2 Enterprise from the Security Type dropdown menu
Select TLS for Accepted EAP Types
Click in Authentication and select the client certificate from the Identity Certificate
dropdown menu
© 2007-2010 Aruba Networks, Inc.
Application Note
7
Click on Trust and select your CA certificate
Select your iPad on the left side
Select the Configuration Profiles tab on the right side and select Install for the EAPTLS profile just created
© 2007-2010 Aruba Networks, Inc.
Application Note
8
When prompted on the iPad select Install to continue
Select Install Now to continue
Select Done to finish the installation
© 2007-2010 Aruba Networks, Inc.
Application Note
9
On the iPad Desktop select Settings
Select General
On the right side select Network
© 2007-2010 Aruba Networks, Inc.
Application Note
10
Select Wi-Fi
Select the network SSID to which the iPad should connect. The spinning wheel next to
the wireless symbol indicates that the iPad is in the process of connecting to the
network. In this example the iPad is initiating a connection to the iPad-Test network.
You will be prompted to enter the connection credentials. Select Mode
© 2007-2010 Aruba Networks, Inc.
Application Note
11
In the Mode selection screen first select EAP-TLS and then Enter Password to return
to the previous screen
Back at the Enter Password screen select Identity
© 2007-2010 Aruba Networks, Inc.
Application Note
12
In the Identity screen first select your Client Certificate and then select Enter
Password to go back to the previous screen
Type in the Username exactly as it appears in the Identity name field
When prompted select Accept to validate the Server Certificate to continue to connect
to the wireless network
© 2007-2010 Aruba Networks, Inc.
Application Note
13
Once you see a check mark in front of the network name and the wireless symbol
change color to blue the iPad successfully connected to the wireless network.
© 2007-2010 Aruba Networks, Inc.
Application Note
14