Applies to: Centrify DirectControl Mac agent version 5.3.1 or above
802.1x Wi-Fi network (using Machine certificate to authenticate) does not connect automatically anymore, instead it requires to manually select the certificate that validates the connection.
The auto-connect was working just fine in the OS version 10.12.3 and below, but after upgrading to OS verison 10.12.4 - 10.12.6 seems to break the automatic authentication.
The issue is due to the behavior change introduced by Apple in OS version 10.12.4 as follow:
Available for: macOS Sierra 10.12.4
Impact: A malicious network with 802.1X authentication may be able to capture user network credentials
Description: A certificate validation issue existed in EAP-TLS when a certificate changed. This issue was addressed through improved certificate validation.
Apple has fixed the problem in OS version 10.13. Therefore, please consider to perform an upgrade on the OS along with Centrify agent 5.4.2 or above.