Solved

Help needed with an expired RAS and IAS Server Certificate

Posted on 2014-01-06
2
847 Views
Last Modified: 2014-07-23
Recently my users started to experience problems getting onto our internal wireless network. As I am fairly new, I do not know how it is configured but through the event viewer I saw this - "The certificate received from the remote server has either expired or is not yet valid. The SSL connection request has failed. The attached data contains the server certificate."

I have opened Certificate Services on the server (my NPS) and noticed that the certificate expired on 17th December.  I figured out how to create a new personal certificate but I am stuck as to what to do now.  Do I drag it into the Trusted Root Certificate Authority?  How do I deploy it?  I have found where I can do this in Group Policy but I cannot see how it was done before, that is to say that in Group Policy, the original certificate is not there.  How do I test this new certificate works and am I supposed to assign a key to it or something?

Any help would be gratefully received.
0
Comment
Question by:fuzzyfreak
2 Comments
 
LVL 45

Accepted Solution

by:
Craig Beck earned 500 total points
ID: 39760590
It may be that RAS doesn't use the NPS service for authentication.  If it doesn't you just need to renew the certificate on the NPS server and delete the expired one.

If you do use NPS for RAS authentication you'll need to choose the certificate to use.

In NPS, open Policies then Network Policies then find the policy which uses the certificate.  If you open the relevant policy there will be a drop-down box in either the Condition or Constraint which determines the authentication protocol.  This drop-down box allows you to choose which certificate to use.  Change it to the new certificate and that should be it.

If you're unsure where to go just post a screenshot of your NPS server's Network Policies page and I'll direct you from there.
0
 
LVL 4

Author Comment

by:fuzzyfreak
ID: 39762400
Many thanks for your help, I looked where you instructed me to and found where the certificate was configured but it gave a different date to the expired one and one that showed an expiry of 11th July this year.  I looked for the new one I created and though I think I found it (there were only four to choose from) this too gave me a completely different date.  The new one I created showed an expiry of twelve months time, this one gave me an expiry of 2019 - so I am left rather baffled.  Either way, changing the certificate did not resolve the issue so my boss took control and reconfigured our WAPs to use a pre-shared key, thus bypassing RADIUS/NPS.  To be honest, where we are located, this will suffice I think, so I would say this question is now redundant.

Thanks very much for your comprehensive assistance.
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

OfficeMate Freezes on login or does not load after login credentials are input.
Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now