Summary
After the wireless authentication server certificate update, wifi users connecting to eduroam, especially those with Apple devices, may be prompted to "Trust" the server clearpass.emerson.edu . You must trust this server to continue connecting to eduroam. Do not trust any other server name for eduroam, even if you are traveling.
This prompt may not appear on the main screen on iPhones, as your device will shift to using cellular data when it can not connect to eduroam. Thus, check the Wi-Fi settings to confirm that you are connected.
The 2025 clearpass.emerson.edu certificate update was completed Wednesday night, July 23.
Background
Before your system sends your username and password off to an eduroam wifi network, it should confirm that it is connected to Emerson's wireless authentication server, clearpass.emerson.edu . This server uses Certificates similar to those on https secure websites to confirm its identity, and these certificates must be renewed annually before they expire. With wi-fi, unlike a web server, your devices can not automatically confirm the proper name of the server from the website name -- sites all around the world use the network name "eduroam", and each site names its own authentication server, such as our clearpass.emerson.edu. Apple devices usually require explicit trust of our server; other devices vary depending on their OS settings.
Required Action
When you first connect to eduroam, or when the clearpass.emerson.edu server certificate changes, your device may prompt you to confirm that it is safe to send your username and password to clearpass.emerson.edu
You should Trust our server if prompted, but never let your device send your login data to any other server name -- even if you connect to eduroam on the far side of the globe, only clearpass.emerson.edu gets to see your password.
Once you have initially connected to eduroam, your device should connect automatically, until the clearpass.emerson.edu certificate changes. At that point, you may be prompted to "Trust" the server again, to accept the new certificate.
Security Issues
If you attempt to join eduroam and get a request to Trust any server other than clearpass.emerson.edu, you may be seeing a "Man In the Middle" (MITM) attack. An attacker could set up a fake "eduroam" wireless network, and use it to attempt to collect usernames and passwords. The check for the server's certificate name is your defense agains such attacks, as no one but Emerson IT can create emerson.edu server certificates.
iPhone and Mac Details
For full connection details, see the articles Connecting to Wireless with MacOS and Connecting to Wireless with iOS .
On Mac computers, the clearpass.emerson.edu certificate trust dialog is similar to this image. If you click the "Show Certificate" button, you will see that the clearpass.emerson.edu certificate is signed by a known and trusted root certificate authority:
On iPhones, the clearpass.emerson.edu trust dialog is similar to the following image. (Note that the "Issued by" information will be different than shown in this 2018 image; the server name is what matters.) Click the "Trust" link in the upper right corner to trust and accept the server:
Windows 11
After a certificate is updated, a Windows 11 computer will show the wireless icon as disconnected. Click the wireless icon to view the available networks. You will now see eduroam with "Action needed". Click eduroam and then connect to the following screen.