Well, I'm thinking of the multitude of iOS, Android and MacOS devices that I don't think would get that certificate via VPN?  But I'm also waving my ignorance flag here too.  And not everyone needs to use the VPN in order to telecommute.

AEH 

On 4/1/20, 9:47 AM, "Technology Discussion at UVM on behalf of Geoffrey Duke" <[log in to unmask] on behalf of [log in to unmask]> wrote:

    Assuming that people run the VPN, they should be able to receive configuration updates while at home and be all set to come to campus as use Wi-Fi. At least, that's the theory. :)
    
    —Geoff
    
    
    
    -----Original Message-----
    From: Technology Discussion at UVM <[log in to unmask]> On Behalf Of Andrew Hendrickson
    Sent: Wednesday, April 1, 2020 9:39 AM
    To: [log in to unmask]
    Subject: Re: Wireless authentication certificate update
    
    Hi Greg-
    
    So, just to clarify our situation; we have both old and new certificates available at the moment.  But after 4/5/2020 the old certificate will have expired, correct?  Thus we will have the old catch-22 of five years ago because most users are currently off campus - they can't get on the UVM network to acquire the new certificate because the old certificate is expired.
    
    Is my assumption correct?  I'm just trying to make IT support personnel aware of one of the issues we will be dealing with en masse as we return to business as usual.
    
    AEH 
    
    On 4/1/20, 8:05 AM, "Technology Discussion at UVM on behalf of Greg Kuchyt" <[log in to unmask] on behalf of [log in to unmask]> wrote:
    
        This work has been done and I've confirmed authentication is working to both UVM and eduroam SSIDs.
        
        On 3/31/20, 12:24, "Technology Discussion at UVM on behalf of Greg Kuchyt" <[log in to unmask] on behalf of [log in to unmask]> wrote:
        
            The certificate that backs the authentication backend for 802.1x wireless networks at UVM (radius.uvm.edu) is set to expire on the 5th. This backend is what serves authentication for the UVM SSID and UVM affiliates who connect to eduRoam (regardless of geographical location) To avoid a support crisis over a weekend, I'm going to promote the new certificate tomorrow morning around 0800. I will update this posting once this has been done.
            
            This will most likely result in the client being required to accept/review the certificate when they re-connect.
            
            The Tech Team has drawn up a KB article for troubleshooting issues with this.
            
            https://www.uvm.edu/it/kb/article/radius-uvm-edu-certificate-renewal-uvm-wireless/