We help IT Professionals succeed at work.

local certificate authority expired on windows server 2012R2, renewed, but still not working

High Priority
61 Views
Last Modified: 2020-03-11
I am using a radius server, and my cert on my server expired.  I renewed it, but it's not taking effect. I restarted the cert service, but still no go.
What am I missing?

When I log into my smart phone, or windows pc, any device, it's failing to connect because my cert is expired.  See pictures below.
What else do I need to do?  Since I'm using a radius server, I don't know if I should delete this cert and create a new one, as it might have issues pointing to the wrong cert?

I keep on trying to connect on any device and still displays the old expired cert.

expired cert
iphone error
Comment
Watch Question

Peter HutchisonSenior Network Systems Specialist
CERTIFIED EXPERT

Commented:
Make sure that the root certificate is copied to your device to ensure that new certificates are trusted.
You can email the certificate to yourself, open email on your device and then you can download and install the root certificate.
DanNetwork Engineer

Author

Commented:

But in windows 10, when I try to connect to WiFi, it just refuses the connection right away.

If I have to copy the very manually to each PC, that’s not going to work, I have over 80 or so PCs, and I can do that for each one.

should I delete the entire certificate and recreate it?  Would that be better?

CERTIFIED EXPERT

Commented:
That looks like the root cert, not the server cert used by NPS
Peter HutchisonSenior Network Systems Specialist
CERTIFIED EXPERT

Commented:
How you also renewed any other certificates esp for NPS and installed it. It may still be using the old certificate on the NPS server!
DanNetwork Engineer

Author

Commented:

So how do I resolve that? Where would I look to see which very it’s using?

Senior Network Systems Specialist
CERTIFIED EXPERT
Commented:
Certificates are used for VPN and 801.x wireless networks (PEAP), so on the NPS server. Look first in Certificates.msc console for Local Machine to see what certificates are installed. Also, use the NPS console to check esp certificates which uses Server Authentication and Client Authentication  purposes.