Solved

Help needed with an expired RAS and IAS Server Certificate

Posted on 2014-01-06
2
927 Views
Last Modified: 2014-07-23
Recently my users started to experience problems getting onto our internal wireless network. As I am fairly new, I do not know how it is configured but through the event viewer I saw this - "The certificate received from the remote server has either expired or is not yet valid. The SSL connection request has failed. The attached data contains the server certificate."

I have opened Certificate Services on the server (my NPS) and noticed that the certificate expired on 17th December.  I figured out how to create a new personal certificate but I am stuck as to what to do now.  Do I drag it into the Trusted Root Certificate Authority?  How do I deploy it?  I have found where I can do this in Group Policy but I cannot see how it was done before, that is to say that in Group Policy, the original certificate is not there.  How do I test this new certificate works and am I supposed to assign a key to it or something?

Any help would be gratefully received.
0
Comment
Question by:fuzzyfreak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 46

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39760590
It may be that RAS doesn't use the NPS service for authentication.  If it doesn't you just need to renew the certificate on the NPS server and delete the expired one.

If you do use NPS for RAS authentication you'll need to choose the certificate to use.

In NPS, open Policies then Network Policies then find the policy which uses the certificate.  If you open the relevant policy there will be a drop-down box in either the Condition or Constraint which determines the authentication protocol.  This drop-down box allows you to choose which certificate to use.  Change it to the new certificate and that should be it.

If you're unsure where to go just post a screenshot of your NPS server's Network Policies page and I'll direct you from there.
0
 
LVL 4

Author Comment

by:fuzzyfreak
ID: 39762400
Many thanks for your help, I looked where you instructed me to and found where the certificate was configured but it gave a different date to the expired one and one that showed an expiry of 11th July this year.  I looked for the new one I created and though I think I found it (there were only four to choose from) this too gave me a completely different date.  The new one I created showed an expiry of twelve months time, this one gave me an expiry of 2019 - so I am left rather baffled.  Either way, changing the certificate did not resolve the issue so my boss took control and reconfigured our WAPs to use a pre-shared key, thus bypassing RADIUS/NPS.  To be honest, where we are located, this will suffice I think, so I would say this question is now redundant.

Thanks very much for your comprehensive assistance.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

OfficeMate Freezes on login or does not load after login credentials are input.
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question