Eduroam

eduroam with Android

Contents

  1. General Information
  2. Configuration of eduroam

General Information

Due to the large number of Android versions and manufacturer customizations, it is not possible to provide general instructions here. Individual settings may therefore differ from the instructions described here.

Mobile devices using the Android operating system will connect to eduroam without a specific certificate by default.

Configuration of eduroam

1. Open the WLAN settings under SettingsWireless and networkWLAN settings and select eduroam.

2. Configure the connection with the following settings:

EAP method: PEAP

Phase 2 authentication: MSCHAPV2

CA Certificate: System certificate / default

Domain: radius.zdv.uni-mainz.de

Identity: username@uni-mainz.de
Username = username of your JGU account. Make sure that you really use your user name before the @ and not, for example, an email alias that differs from it!

Anonymous identity: leave blank

Password: Password of your JGU account

Click on Safe/Connect.

 

[/rechtespalte]

 

Posted on

New Digital Certificates for Wireless LANs – 2023

New digital certificates for the wireless LANs eduroam and Uni-Mainz were activated on November 24.

What does that mean for you ?For you, not much changes. The new digital certificate will be either - depending on the operating system or device - accepted automatically, or you must confirm upon request that you accept te certificate. Some devices display the name, others a so-called fingerprint of the digital certificate.

The new certificate for the  Wireless LANs for reconciliation

The correct certificate is issued for the server radius.zdv.uni-mainz.de and contains the following information for adjustment, of which only just a part is displayed (againg dependent on the operating system or device):

CN= radius.zdv.uni-mainz.de

O= Johannes Gutenberg University Mainz

S= Rhineland-Palatinate

C= DE

With fingerprint: 58 8c fd 20 66 4b d9 92 bb a6 23 53 06 1a 3c 94 d8 92 c5 18

What are digital certificates?

A digital certificate is proof of authenticity that certifies the identityof a computer or organization. You can compare it with a real-life identity card. Due to legal framework conditins and to prevent misuse, we are obligated to renew te certificates reguarly for these services.


More news from the Data Center → may be found here.

New Digital Certificates for VPN

On 2 march 2023, new digital certificates will be activated for the VPN servers.

What does that mean for you?

Not much will change for you. The new digital certificate is either automatically accepted - depending on the operating system or device - or you have to confirm that you accept the new certificate when asked. Some devices show the name, others a so-called fingerprint of the digital certificate.

The new digital certificate for VPN for comparison

Issued for: vpn.uni-mainz.de
Issued by: GEANT OV RSA CA 4
With fingerprint: 53 ad 5c 66 ea ae f6 b8 9a 05 4c 37 60 18 6e 95 50 c6 22 6b

What are digital certificates?

A digital certificate is an electronic proof of authenticity that certifies the identity of a computer or an organization. You can also compare this to an identity card in real life. Due to the legal framework and to prevent misuse, we are obliged to renew the certificates for these services on a regular basis.


More news from the Data Center → may be found here.

New Digital Certificates for Wireless LANs Eduroam and Uni-Mainz

On October 28, 2022, new digital certificates for wireless LANs eduroam and Uni-Mainz activated.

What does that mean for you ?

For you, not much changes. The new digital certificate will be either - depending on the operating system or device - accepted automatically, or you must confirm upon request that you accept te certificate. Some devices display the name, others a so-called fingerprint of the digital certificate.

The new certificate for the  Wireless LANs for reconciliation

The correct certificate is issued for the server radius.zdv.uni-mainz.de and contains the following information for adjustment, of which only just a part is displayed (againg dependent on the operating system or device):

CN= radius.zdv.uni-mainz.de

O= Johannes Gutenberg University Mainz

L= Mainz

S= Rhineland-Palatinate

C= DE

With fingerprint: ae bc 5d d0 ee 25 02 d1 14 e5 8e 77 45 a4 64 b7 37 73 b9 69

What are digital certificates?

A digital certificate is proof of authenticity that certifies the identityof a computer or organization. You can compare it with a real-life identity card. Due to legal framework conditins and to prevent misuse, we are obligated to renew te certificates reguarly for these services.


More news from the Data Center → may be found here.

Connect to eduroam with Linux

1. Check Certificate

To establish a secure connection with eduroam you need to use a certificate.
This certificate comes preinstalled on most Linux Distros. Please check if it is already installed on your System. You can find it in the folder /etc/ssl/certs/ . The name is USERTrust_RSA_Certification_Authority.pem.
If this certificate is already installed, go to step 2.

https://support.sectigo.com/articles/Knowledge/Sectigo-Intermediate-Certificates
The required certificate is called: Root Certificates: SHA-2 Root : USERTrust RSA Certification Authority

Download the certificate, and remember where you saved it. You need this certificate each time you connect to eduroam, so it's good practice to save it somewhere else than your downloads folder. Otherwise it may get deleted accidentally.

 

2. Delete existing eduroam profiles

To avoid any issues setting up eduroam, make sure no other eduroam profiles exist and delete them if needed.

3. Create a new connection

Select eduroam inside your network manager.

A window with connection settings will open.

Edit the fallowing entries:

Wi-Fi Security: WPA & WPA2 Enterprise

Authentication: Protected EAP (PEAP)

Anonymous identity: can be blank

CA certificate: Here, you need to select the certificate from step 1.
If the certificate is already installed, select /etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem.
Otherwise select the certificate you downloaded.

PEAP version: Automatic

Inner authentication: MSCHAPv2

Username: Username@uni-mainz.de

Password: Your Password

Click on Connect, you should then get connected to eduroam.

Posted on

eduroam for Windows 10

1. Click on the wireless symbol in the lower right of the task bar: 

2. All available networks will be shown. Choose the network eduroam and then click on Verbinden.

3. You will be asked to enter your login data.


Important: enter your user name as follows:

username@uni-mainz.de (users of other institutions participating in eduroam may use the equivalent login data of their institution, for example: mustermann@uni-frankfurt.de)

Passwort: your password for this institutional account.

Please make sure to enter your user name before the @ and not, for example your mail alias which may be different!

4. The message "Die Identität des Servers kann nicht überprüft werden" will be displayed. You may get the details of the certificate to be displayed.

From 2 March 2023, 11.00, you will find the following finger print in the details of the certificate:

53 ad 5c 66 ea ae f6 b8 9a 05 4c 37 60 18 6e 95 50 c6 22 6b

Then click on Verbinden, to estalbish the connection.

In case this does not work ...

... and you receive the message "Verbindung zum Netzwerk kann nicht hergestellt werden" then the required certificate is probably not installed on your computer. The solution: while you are connected to another network (Winulum, for example), visit any https page (for example: OWA → https://mail.uni-mainz.de, or JoguStINe → https://jogustine.uni-mainz.de) within Internet-Explorer (do not use chrome, Opera, Firefox ... for this, as these will not automatically do the following) - when you do this with Internet Explorer, the required certificate will be installed and will subsequently be availabe for all wireless connections using eduroam or uni-mainz.

Posted on

eduroam for iPod, iPhone

  1. Remove Winulum
  2. Configuring eduroam
  3. Using the certificate

Remove Winulum

If you wish to use an Applie iPod with eduroam you will have to delete any existing Winulum connection, because otherwise an eduroam connection cannot be established.

Below Einstellungen, Wi-Fi-Netzwerke, press the arrow to the right of winulum, then press Dieses Netzwerk ignorieren and confirm this again.

Configuring eduroam

Then press the Home button on your iPod/iPhone, and the button Einstellungen:

Press Wi-Fi (must not be connected), then choose the network eduroam:

You will be asked for your user name and password. Please enter your user name (JGU account name), followed by @uni-mainz.de and the corresponding password. After that press Verbinden in the lower right.

Make sure you enter your real user name - not, for example, your mail alias, which is different!

The wireless network eduroam is also offered at other universities. If you wish to use eduroam at other universities, when entering your JGU account data you will have to add @uni-mainz.de to your JGU account name (even though it looks similar: this is not your e-mail address). Without that addition, at another university you would be regarded as a local user - and because presumably no user with your combination of user name and password exists there, a connection would then be refused.

Using the certificate

We will now show you the certificate data. Check the certificate below Mehr Details.

The right certificate is issued for the server radius.zdv.uni-mainz.de and it contains the following information for verification purposes. some of which will be displayed here:

CN = radius.zdv.uni-mainz.de
O = Johannes Gutenberg-Universitaet Mainz
L = Mainz
S = Rheinland-Pfalz
C = DE

finger print: ae bc 5d d0 ee 25 02 d1 14 e5 8e 77 45 a4 64 b7 37 73 b9 69

If a certificate with this information is displayed, click on Annehmen. Now wait until a connection has been established. The next thing on display will be an overview of the Wi-Fi networks. Done.

Posted on

eduroam for Windows 8

  1. Establishing the connection
  2. In case this doesn't work ...

Establishing the connection

Look for the network eduroam under Einstellungen → Netzwerke. Then click Verbinden.

Enter your user name (JGU account) in the form username@uni-mainz.de and your password. Then click OK.

In front of the @ symbol please enter your real user name, not, for example, your mail alias, which is different!

The following notification will then appear:

For displaying the details of the certificate click on Zertifikatsdetails anzeigen.
Something like the following will then appear:

From 9 July 2019, 18.00, you will find the following finger print in the details of the certificate:

Then click on: Verbinden.

In case this doesn't work ...

... and you receive the note 'Verbindung zum Netzwerk kann nicht hergestellt werden': this probably means that the necessary certicate is not installed on your device. To solve this problem, you may use another network (winulum, for example) and then open a https URL like OWA (→ https://mail.uni-mainz.de) or JoguStINe (→ https://jogustine.uni-mainz.de) with Internet-Explorer (not Chrome, Opera, Firefox or another browser, because it won't work there).
If you open that URL in Internet Explorer, the necessary certificate should be automatically installed and will then be availabe for wireless connections like eduroam and uni-mainz.

Posted on

eduroam – Wireless LAN via associated University network

The University of Mainz takes part in the → eduroam network, in which universities have joined forces in Europe (in the meantime even worldwide).

 

 

 

Under the network name (SSID) eduroam, the center operates campus-wide data processing for an encrypted wireless LAN. WPA/WPA2 Enterprise with TKIP and AES encryption serve as security mechanisms. The coverage is consistent with the coverage for the wireless LAN uni-mainz (with the exception of the University Clinic areas).Members of other universities participating in the European eduroam network can connect to the eduroam wireless LAN via the University of Mainz, by logging in with the JGU account of their home university.
Conversely, members of the University of Mainz who are at other universities in the eduroam network may use eduroam with the Mainz JGU account.

Instructions for setting up eduroam with various operating systems can be found below and in the navigation bar.

When using the following instructions for configuring eduroam on various operating systems plese note:

Usually it should not be necessary to download a certificate any more. The certificate we use is already available on most devices.

Users who have already used eduroam with an older configuration (using the orca certificate that had to be separately installed) will have to delete their existing eduroam connection first and may then re-configure it.

Posted on