Worth buying Verisign certificate for radius authentication?

  • 2
  • Question
  • Updated 5 years ago
  • Answered
We're a school district looking forward to BYOD, and would like to integrate wireless access with student LDAP accounts. However, a self-signed certificate may cause confusion with security warnings on client devices, and may cause users to stop verifying certificates altogether. Is it worth buying a Verisign certificate for radius authentication to avoid the security warnings / errors on BYOD clients?
Photo of Elson Liu

Elson Liu

  • 5 Posts
  • 1 Reply Like

Posted 5 years ago

  • 2
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Yes! Very much so! It is definitely worth buying one from a commercial certificate authority that devices will already have the root for, directly or cross signed.

(Self signed certificates should only be used in an exclusively managed environment where you can distribute the root.)

The major providers to look at are:

Verisign, Thawte and Geotrust (All Symantec owned but usually priced differently.)

We presently use Thawte.
Photo of Elson Liu

Elson Liu

  • 5 Posts
  • 1 Reply Like
Thanks for the info! Are some providers more widespread on various clients than others?
Photo of Andrew Garcia

Andrew Garcia, Official Rep

  • 368 Posts
  • 120 Reply Likes
The big names generally have good cross platform coverage (Verisign, Comondo, GoDaddy, etc). You can go through the lists of supported root CAs for the platforms you support to find ones that have the best universal support for your needs, and weigh that information against cost. For example: