Solved

Certificate Disappears in 2008 - used for client authentication

Posted on 2011-09-06
7
1,333 Views
Last Modified: 2013-12-09
Ok, on our network for our HP ProCurve Wireless, we have a RADIUS Server that handles the authentication automatically.  However, everyday, not at the same time, the one certficate just disapears off the server.  When this happens, no one can connect to the wlan.   To fix this problem everyday I need to:

- RDP into the certificate server, which is our domain controller
- start, run, mmc
- file, add/remove snap-in
- Certificates, add
- Computer account, local computer
- Right click Personal, all tasks, request new certificate
- next, ad enrollment policy, next, select domain controller, enroll.
- restart CNG Key Isolation Service.

Once this is done, people can authenticate.

I have attached a picture of the cert that keeps disappearing.  As you can see, I just had to issue a new one today, 9/6.

 

Can anyone help with fixing this cert issue so I do not have to request a new one each day, sometimes twice a day? cert
0
Comment
Question by:phantomdan2005
  • 4
  • 2
7 Comments
 
LVL 20

Expert Comment

by:Svet Paperov
ID: 36495470
Generally, the domain controllers use an autoenrolment with the PKI and you are not required to renew their certificates manually. Do you have the same problem with another domain controller?

There must be something wrong with the PKI. Could you give us more information how it is setup, please?
0
 

Author Comment

by:phantomdan2005
ID: 36495708
No, this domain controller is the only one that controls the certs.
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 36495724
Hello,

This usually hapens because the server the certificate is installed on can't contact the Certificate Revocation List. In the certificates MMC, open the certificate and go to the details page. Find the CRL Distribution Points field. Make sure the URL in this field is valid and can be accessed from this server. If you are using an internal CA, which it appears you are, make sure it is setup correctly and that you are properly publishing the CRL.

JJ
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:phantomdan2005
ID: 36495739
What specific information are you looking for when you ask for how it is setup?  I am  not too familiar with certificate services, and I did not setup this.  I just joined the company so things were in place before I got here.
0
 
LVL 37

Expert Comment

by:Jamie McKillop
ID: 36495822
First, check the certificate and make sure the CRL Distribution Points field looks valid and is accessible form the server.

JJ
0
 

Accepted Solution

by:
phantomdan2005 earned 0 total points
ID: 36528762
I fixed my own issue.  I ended deleting the self-issued cert and enabled the RAS and IAS certificate template then issued that cert.  This fixed the issue.
0
 

Author Closing Comment

by:phantomdan2005
ID: 36555751
I fixed my own issue.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question