ThorinO
asked on
802.1X SSL cert not working in network policy server (2008 server)
I am having an issue very similar to the link below.
https://www.experts-exchange.com/questions/26531372/WIndows-2008-R2-wireless-access.html#discussion
I have used the link below to change my validity to 5 years
http://social.technet.microsoft.com/wiki/contents/articles/how-to-change-extend-the-expiration-date-of-certificates-that-are-issued-by-a-windows-server-2008-or-a-windows-server-2003-certificate-authority.aspx
I have gone into Certificates -> Personal -> Certificates and requested a new cert. I select AD enrollment policy, then domain controller authentication and I get a 5 year cert.
When I go into NPS, select the policy, go to the constraints tab, select PEAP in the authentication methods, and click edit I only have the root CA SSL cert, not the one I requested.
When I try and use this cert to authenticate a iPhone it doesn't work.
https://www.experts-exchange.com/questions/26531372/WIndows-2008-R2-wireless-access.html#discussion
I have used the link below to change my validity to 5 years
http://social.technet.microsoft.com/wiki/contents/articles/how-to-change-extend-the-expiration-date-of-certificates-that-are-issued-by-a-windows-server-2008-or-a-windows-server-2003-certificate-authority.aspx
I have gone into Certificates -> Personal -> Certificates and requested a new cert. I select AD enrollment policy, then domain controller authentication and I get a 5 year cert.
When I go into NPS, select the policy, go to the constraints tab, select PEAP in the authentication methods, and click edit I only have the root CA SSL cert, not the one I requested.
When I try and use this cert to authenticate a iPhone it doesn't work.
ASKER
This was a self issued certificate from a CA on our domain.
Do you have the certificate? If you do copy it in a notepad file. Change the extn to .cer and check if it is correct.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I requested the cert from our enterprise CA which is also the same server where NPS resides. Should I run the 'Certutil -repairstore' command?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you, I have not worked more on this yet but I need to.
Have you installed the certificate ?