?
Solved

How does my NPS certificate work?

Posted on 2015-02-19
4
Medium Priority
?
107 Views
Last Modified: 2015-02-20
Hi,

I've had to pick up a NPS RADIUS configuration since a colleague left.

It's all configured but I'm struggling to understand how it's strung together - mainly for the certificate side of things.

There is a "wireless connection" certificate created which apparently is the certificate needed in order to authenticate to the wireless network. This is set to auto enroll.

The issue is, looking at the config on the NPS server, I cannot see anywhere where it actually states that this is the certificate that should be used. Under the connection policy, I can see it requires authentication via a certificate. I assumed it would be a case of telling the policy which cert to use but all I can see is the CA server listed under the settings.

It's the first time I've dealt with certs which is why I'm struggling really.
I have raised another question about an issue I get with being auto enrolled but that's another topic.

How on earth does the policy know which certificate I should have in order to allow me to connect?

Any help/advice would be welcome.

Thanks
0
Comment
Question by:MFAFC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 

Author Comment

by:MFAFC
ID: 40619022
Is it because the certificate simply has "server authentication" as one of it's intended purposes that allows me to connect?
0
 
LVL 22

Accepted Solution

by:
Jakob Digranes earned 1000 total points
ID: 40619775
Yes --- you're quite right in your own comment. There is no place in the policy that specify what certificate can be used. You'd need the client authentication (or server authentication) intended purpose. If you have only one certificate, windows will select this - if you have multiple - it will ask you to choose using a dialog box that pops up before authentication
0
 
LVL 30

Assisted Solution

by:Rich Weissler
Rich Weissler earned 1000 total points
ID: 40619864
The certificate requirement depends on what is being authenticated.  From Microsoft Technet:
"For example, a certificate used for the authentication of a client to a server must be configured with the Client Authentication purpose. Similarly, a certificate used for the authentication of a server must be configured with the Server Authentication purpose. "
0
 

Author Comment

by:MFAFC
ID: 40620727
Thank you both for taking the time to help.
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question