Solved

Help needed with an expired RAS and IAS Server Certificate

Posted on 2014-01-06
2
868 Views
Last Modified: 2014-07-23
Recently my users started to experience problems getting onto our internal wireless network. As I am fairly new, I do not know how it is configured but through the event viewer I saw this - "The certificate received from the remote server has either expired or is not yet valid. The SSL connection request has failed. The attached data contains the server certificate."

I have opened Certificate Services on the server (my NPS) and noticed that the certificate expired on 17th December.  I figured out how to create a new personal certificate but I am stuck as to what to do now.  Do I drag it into the Trusted Root Certificate Authority?  How do I deploy it?  I have found where I can do this in Group Policy but I cannot see how it was done before, that is to say that in Group Policy, the original certificate is not there.  How do I test this new certificate works and am I supposed to assign a key to it or something?

Any help would be gratefully received.
0
Comment
Question by:fuzzyfreak
2 Comments
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39760590
It may be that RAS doesn't use the NPS service for authentication.  If it doesn't you just need to renew the certificate on the NPS server and delete the expired one.

If you do use NPS for RAS authentication you'll need to choose the certificate to use.

In NPS, open Policies then Network Policies then find the policy which uses the certificate.  If you open the relevant policy there will be a drop-down box in either the Condition or Constraint which determines the authentication protocol.  This drop-down box allows you to choose which certificate to use.  Change it to the new certificate and that should be it.

If you're unsure where to go just post a screenshot of your NPS server's Network Policies page and I'll direct you from there.
0
 
LVL 4

Author Comment

by:fuzzyfreak
ID: 39762400
Many thanks for your help, I looked where you instructed me to and found where the certificate was configured but it gave a different date to the expired one and one that showed an expiry of 11th July this year.  I looked for the new one I created and though I think I found it (there were only four to choose from) this too gave me a completely different date.  The new one I created showed an expiry of twelve months time, this one gave me an expiry of 2019 - so I am left rather baffled.  Either way, changing the certificate did not resolve the issue so my boss took control and reconfigured our WAPs to use a pre-shared key, thus bypassing RADIUS/NPS.  To be honest, where we are located, this will suffice I think, so I would say this question is now redundant.

Thanks very much for your comprehensive assistance.
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now