OSX 10.10 802.1x Profiles

DISCLAIMER: Playing with system configuration data and removing files is dangerous and presents a risk to your system, only attempt this fix at your own risk, any consequences are on your head

Recently I have had to start replacing a number of certificates used for wireless authentication on a RADIUS/802.1X authenticated wireless network at a number of clients, and for the most part it has gone smoothly (but this does not make for a good blog post now does it). There have however been issues with a number of OS X based devices, and more specifically devices that have gone through a number of in place upgrades since the system profile was installed.

These systems have all had a number of in place upgrades over the years from either OS X 10.6 given their age and as such there are now issues removing these 802.1X profiles.

To understand why this is happening, a little background on how the profiles were managed previously and are managed now is in order.

In 10.6 and prior an 802.1X profile was added (+) or removed (-) through the 802.1X tab in the Advanced settings on the interface (in this case WiFi/Airport)


In 10.7 and later these buttons have been removed


With 10.7 to manage these profiles a new System Preferences option was added, it is called simply “Profiles”.


Now whilst this is not an issue for most cases, unless a profile has been added since the upgrade, it does not appear in the Profiles pane, and therefore the Profiles pane does not show in the System Preferences menu.

This leaves us with a profile we cannot remove due to the lack of buttons in the 802.1X tab on the interface, and no Profiles pane accessible (due to no registered profiles) in the System Preferences tab



So how do we remove it? through the venerable and all powerful command line interface (Terminal).

First you need to know the location of the system configuration profiles which is the directory /Library/Preferences/SystemConfiguration.

Now this is where I can only guide you, I did this operation in the opposite order to what is outlined here due to the fact that I did the second part first and it did not remove the profile, therefore I do not know if its required or not to remove the profile, try running the first remove before removing the other two files.

The profile information seems to be stored in the file com.apple.network.eapolclient.configuration.plist within the system configuration directory, so to remove it we want to run the following command

sudo rm /Library/Preferences/SystemConfiguration/com.apple.network.eapolclient.configuration.plist

This will prompt you for a password if you have not authorized to sudo yet/recently (it has a timeout of 5 minutes), enter your password, hit enter and it will remove the file, now reboot OS X (yes this is required) and the profile SHOULD be removed.


NOTE: Adrian Stevenson left a comment on the 13th of October 2015 stating that the above file is the only required to remove the profile, based upon this, the information below is not relevant to solving this issue, I have however left it so the article still contains all its original information

Further to this Kevin posted in the comments on the 27th of January 2016 that the command is confirmed on Mavericks only to require the first line


However if its not removed as I said above I had removed two other files prior to removing the com.apple.network.eapolclient.configuration.plist file. Specifically these are the following files;


These files were located via use of the grep command to locate references for the keyword “802” inside files (that are themselves inside the SystemConfiguration directory). The command locate these is as follows;

grep "802" /Library/Preferences/SystemConfiguration/*

NOTE: Notice the lack of a sudo, we are only reading information here, not writing so no need to sudo

It is however worth noting that due to the use of the keyword “802” this searches for all references to 802 (well der) and as wireless itself, as well as other communications protocols all have 802 numbers which they can be referenced by (i.e. 802.11 is wireless) it will find references to these protocols as well, so removing all files where this occurs may, and most likely will remove configurations for other 802 series protocols/standards where these are referenced by their 802 identifiers inside the configuration profiles. On the laptop I did this testing on, removing these files removed ALL wireless connection details, and although this may not be a great concern in some cases, it may cause issues in others.

Anyway if the removal of the first file and its subsequent reboot did not work, removing all three files should fix the issue (we want to remove the original file again to ensure there have been no references generated in the new file)


sudo rm /Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist
sudo rm /Library/Preferences/SystemConfiguration/NetworkInterfaces.plist
sudo rm /Library/Preferences/SystemConfiguration/com.apple.network.eapolclient.configuration.plist

Reboot and the Profile should have now removed itself.


Let me know if it works for you in the comments


Written By Justin

13 Comments on “OSX 10.10 802.1x Profiles

  1. Adrian Stevenson Reply

    October 13, 2015 at 1:48


    Thanks for this info. I had the same problems you describe above removing my old 802.1x profiles. All I needed to do was the ‘sudo rm /Library/Preferences/SystemConfiguration/com.apple.network.eapolclient.configuration.plist’ command and a reboot. That sorted it out for me. Thanks again, Adrian

    • Justin Reply

      October 13, 2015 at 7:26

      Good do know that, I will add a note stating you have confirmed this to the main body of the article



  2. Ronald Reply

    December 30, 2015 at 5:45

    works indeed with just the first command.

    • Justin Reply

      December 30, 2015 at 7:26

      Thanks for the further confirmation



  3. Kevin Reply

    January 27, 2016 at 9:04

    Worked like a charm in Mavericks with just the first command.

    • Justin Reply

      January 27, 2016 at 9:25

      Thanks for the confirm, I will update the note in the post

  4. Dave Reply

    April 20, 2016 at 4:02

    Thank you!

    Had a box at work where wifi worked but not wired. Deleted the mystery profile and he’s on again.

  5. Alona Reply

    October 7, 2016 at 7:17

    You are a genius! I’ve been trying to sort it out for 3 hours until I found you article – first command worked straight away (after reboot) in OS Sierra! Thank you so much!

  6. Anja Reply

    February 25, 2017 at 12:46

    Oh my God, thank you so much! I was struggling with this problems for days and finally it was that simple! You are my hero! 🙂

  7. KC Speicher Reply

    May 15, 2017 at 6:52

    Thanks for this, I knew what needed doing but didn’t know how to do it ’til I stumbled across this page.

  8. Mark in Cleveland Reply

    May 3, 2019 at 12:44

    I just spent 2 hours trying to get a Mac to authenticate with 802.1x over the Ethernet after updating the CA and login certificates in the System Keychain.. NOTHING was working until I found your article. Deleting that one file and rebooted the system and suddenly I was back online.
    Apple really need to up their game on useful documentation. All the apple documentation was pointing me to Features and tools that were in earlier version but they have since removed from the OS.

  9. Jose Reply

    May 13, 2019 at 11:38

    So, how can I create a new profile in 10.7 or later? I’ve been seeking around and the only conclusion I got is that I need to install a macOS Server for creating profiles… Is that true? 🙁

    • Justin Reply

      May 15, 2019 at 8:28

      There are many ways to create a profile, what are you trying to achieve?

Leave a Reply

You have to agree to the comment policy.

12 − 2 =

This site uses Akismet to reduce spam. Learn how your comment data is processed.