CA Server Issue - CAS Crashed/RADIUS Errors
Hi Guys
I've run into a bit of an issue, my CA server crashed (No backup!) a while back and I thought there wouldn't be any issues, but a few days back the certificate on the PDC expired and now any user trying to connect to the wireless is unable too, due to the RADIUS. It seems that because the certificate expired the RADIUS server has stopped working.
Any idea what the best solution is to get the wireless working again?
Setting up another CA?
Setting up a self signed certificate (using IIS) for the RADIUS?
If I do not setup another CA will there be any further consequences? All servers have been popping up auto enrollment certificate errors.
Any feedback will be great. Thanks!
I've run into a bit of an issue, my CA server crashed (No backup!) a while back and I thought there wouldn't be any issues, but a few days back the certificate on the PDC expired and now any user trying to connect to the wireless is unable too, due to the RADIUS. It seems that because the certificate expired the RADIUS server has stopped working.
Any idea what the best solution is to get the wireless working again?
Setting up another CA?
Setting up a self signed certificate (using IIS) for the RADIUS?
If I do not setup another CA will there be any further consequences? All servers have been popping up auto enrollment certificate errors.
Any feedback will be great. Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
No a self signed certificate in the Radius server won't help you.
The simple reason: the Certificate Authority for that self signed certificate will not be found.
You also need to remember that the basis of PKI is that there is always an Authority that can verify a the validity of a certificate. Have a look at a valid certificate and check out the Certificate Path....it's needed for establishing if your Certificate is valid.
http://technet.microsoft.com/en-us/library/cc731853.aspx
Reasons for installing a CA
http://technet.microsoft.com/en-us/library/cc776679(v=ws.10).aspx
Additional reading that may interest you:
http://social.technet.microsoft.com/wiki/contents/articles/987.windows-pki-documentation-reference-and-library.aspx
http://technet.microsoft.com/en-us/library/cc772670(v=ws.10).aspx
http://www.trainsignal.com/blog/active-directory-certificate-services
The simple reason: the Certificate Authority for that self signed certificate will not be found.
You also need to remember that the basis of PKI is that there is always an Authority that can verify a the validity of a certificate. Have a look at a valid certificate and check out the Certificate Path....it's needed for establishing if your Certificate is valid.
http://technet.microsoft.com/en-us/library/cc731853.aspx
Reasons for installing a CA
http://technet.microsoft.com/en-us/library/cc776679(v=ws.10).aspx
Additional reading that may interest you:
http://social.technet.microsoft.com/wiki/contents/articles/987.windows-pki-documentation-reference-and-library.aspx
http://technet.microsoft.com/en-us/library/cc772670(v=ws.10).aspx
http://www.trainsignal.com/blog/active-directory-certificate-services
ASKER
I'm in the process of doing the cleanup, any idea how I will work around the RADIUS issue? Could I use a self signed cert just for the RADIUS? That would be the only reason why I would setup another CA,,,