Originally Posted by Camarones
Even if a certificate is required (notice that on windows clients you can disable certificate checking?) I already have the server's root certificate installed and trusted on the BB. There is only one authentication server/certification authority/domain controller in my domain/office, and that is it. Would there even be any intermeditate certificates?
On our Nortel Wireless WPA-TKIP and PEAP, we have a trusted Root certificate and Intermediate Certificate to install.
This is all controlled by Group Policy
When you issue a certificate to a device for security. You create a certifcate chain. When your clients connect to the wireless for instance, the certificate used in this process is the server certificate, not the root certificate.
For example, say you want to secure your server with a Verisign SSL certificate, you would get a signed certificate from Veisign for that 1 particular server. What happens, because the root certificate is trusted, the server certificate is automatically trusted.