...
In order to make use of this new feature, your FLR server must have acquired an eduroam server certificate. Depending on which federation or world region you are from, the procedures for getting a certificate will differ. The following subsection is a globally valid description of the eduroam Trust Model; the subsection after that defines rules per world region, as far as they are known at the time of writing, and the last subsections deals with the actual provisioning of certificates in Europe.
The eduroam server certificate trust model: eduPKI PMA and the eduroam Trust Profile
...
The number of accredited CAs and the list of certificates can change at any time. It is important that all eduroam servers consult an up-to-date list of accredited CAs. The list of currently accredited CAs is maintained in a TERENA repository of the TACAR service. A browsable list can be found here: https://www.tacar.org/cert/list/
eduroam operations will make available scripts for easy regular download and update of the accredited CAs. On UNIX-like systems, this script should be executed in a cron job on a regular basis (we suggest daily).
...
There is currently one accredited Certification Authority: the eduPKI CA, located at https://www.edupki.org/edupki-ca/ . Further . eduPKI CA acts as a catch-all for all areas within the GEANT service area which do not have their own CA for the eduroam service. Such further CAs are welcome to apply for eduPKI PMA accreditation.
eduroam operators should request their eduPKI CA eduroam certificate as defined in the last subsection.
Americas
No information.
Asia-Pacific
No information.
Africa
No information.
Obtaining a server certificate with eduPKI CA
Please follow the by following the instructions on the eduPKI CA eduroam RA pages at: http://www.eduroam.org/index.php?p=europe&s=edupki
Americas
No information.
Asia-Pacific
No information.
Africa
No information.