Avatar of ThorinO
ThorinO
Flag for United States of America asked on

802.1X SSL cert not working in network policy server (2008 server)

I am having an issue very similar to the link below.

https://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/Q_26531372.html#discussion

I have used the link below to change my validity to 5 years

http://social.technet.microsoft.com/wiki/contents/articles/how-to-change-extend-the-expiration-date-of-certificates-that-are-issued-by-a-windows-server-2008-or-a-windows-server-2003-certificate-authority.aspx

I have gone into Certificates -> Personal -> Certificates and requested a new cert. I select AD enrollment policy, then domain controller authentication and I get a 5 year cert.

When I go into NPS, select the policy, go to the constraints tab, select PEAP in the authentication methods, and click edit I only have the root CA SSL cert, not the one I requested.

When I try and use this cert to authenticate a iPhone it doesn't work.
Wireless NetworkingSSL / HTTPSWindows Server 2008

Avatar of undefined
Last Comment
ThorinO

8/22/2022 - Mon
prashantjain

Did the certificate mail from the CA reach you?
Have you installed the certificate ?
ThorinO

ASKER
This was a self issued certificate from a CA on our domain.
prashantjain

Do you have the certificate? If you do copy it in a notepad file. Change the extn to .cer and check if it is correct.

This is the best money I have ever spent. I cannot not tell you how many times these folks have saved my bacon. I learn so much from the contributors.
rwheeler23
ASKER CERTIFIED SOLUTION
CERTExpert

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ThorinO

ASKER
I requested the cert from our enterprise CA which is also the same server where NPS resides. Should I run the 'Certutil -repairstore' command?
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ThorinO

ASKER
Thank you, I have not worked more on this yet but I need to.