Certificate Disappears in 2008 - used for client authentication

Ok, on our network for our HP ProCurve Wireless, we have a RADIUS Server that handles the authentication automatically.  However, everyday, not at the same time, the one certficate just disapears off the server.  When this happens, no one can connect to the wlan.   To fix this problem everyday I need to:

- RDP into the certificate server, which is our domain controller
- start, run, mmc
- file, add/remove snap-in
- Certificates, add
- Computer account, local computer
- Right click Personal, all tasks, request new certificate
- next, ad enrollment policy, next, select domain controller, enroll.
- restart CNG Key Isolation Service.

Once this is done, people can authenticate.

I have attached a picture of the cert that keeps disappearing.  As you can see, I just had to issue a new one today, 9/6.

 

Can anyone help with fixing this cert issue so I do not have to request a new one each day, sometimes twice a day? cert
phantomdan2005Asked:
Who is Participating?
 
phantomdan2005Author Commented:
I fixed my own issue.  I ended deleting the self-issued cert and enabled the RAS and IAS certificate template then issued that cert.  This fixed the issue.
0
 
Svet PaperovIT ManagerCommented:
Generally, the domain controllers use an autoenrolment with the PKI and you are not required to renew their certificates manually. Do you have the same problem with another domain controller?

There must be something wrong with the PKI. Could you give us more information how it is setup, please?
0
 
phantomdan2005Author Commented:
No, this domain controller is the only one that controls the certs.
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
Jamie McKillopIT ManagerCommented:
Hello,

This usually hapens because the server the certificate is installed on can't contact the Certificate Revocation List. In the certificates MMC, open the certificate and go to the details page. Find the CRL Distribution Points field. Make sure the URL in this field is valid and can be accessed from this server. If you are using an internal CA, which it appears you are, make sure it is setup correctly and that you are properly publishing the CRL.

JJ
0
 
phantomdan2005Author Commented:
What specific information are you looking for when you ask for how it is setup?  I am  not too familiar with certificate services, and I did not setup this.  I just joined the company so things were in place before I got here.
0
 
Jamie McKillopIT ManagerCommented:
First, check the certificate and make sure the CRL Distribution Points field looks valid and is accessible form the server.

JJ
0
 
phantomdan2005Author Commented:
I fixed my own issue.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.