Connect to Eduroam with Linux

1. Check Certificate

To establish a secure connection with Eduroam you need to use a certificate.
This certificate comes preinstalled on most Linux Distros. Please check if it is already installed on your System. You can find it in /etc/ssl/certs/ . The name is Deutsche_Telekom_Root_CA_2.pem.
If this certificate is already installed, go to step 2.

If the certificate isn't installed you may download the certificate from the following website:
https://www.telesec.de/de/public-key-infrastruktur/support/root-zertifikate/category/58-deutsche-telekom-root-ca-2
The certificate you need is: Deutsche Telekom Root CA 2 Zertifikat.
(SHA1 Fingerprint = 85 a4 08 c0 9c 19 3e 5d 51 58 7d cd d6 13 30 fd 8c de 37 bf)

Save the certificate, and remember where you saved it. You need this certificate each time you connect to eduroam, so it's good practice to save it somewhere else than your downloads folder. Otherwise it may get deleted accidentally.


 

2. Delete existing eduroam profiles

To avoid any issues setting up eduroam, make sure no other eduroam profiles exist and delete them if needed.


3. Create a new connection

Select eduroam inside your network manager.

A window with connection settings will open.

Edit the fallowing entries:

Wi-Fi Security: WPA & WPA2 Enterprise

Authentication: Protected EAP (PEAP)

Anonymous identity: can be blank

CA certificate: Here you need to select the certificate from step 1.
If the certificate is already installed select "/etc/ssl/certs/Deutsche_Telekom_Root_CA_2.pem".
Otherwise select the certificate you downloaded.

PEAP version: Automatic

Inner authentication: MSCHAPv2

Username: Username@uni-mainz.de

Password: Your Password

Click on Connect, you should then get connected to Eduroam.