cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
660
Views
4
Helpful
10
Replies

acs server certificate

zanub
Level 1
Level 1

hi all,

i'm tryin to get the certificate setup for the peap authentication for wireless clients.i installed the certificate according, enabled peap/tls authenticatiion, checked the certificate trust lists.

i was able to connect to the server without the certificate installed.then downloaded the server certificate for peap server authentication.selected it for authentication in the client software(lenovo/ibm access connection)and now the profile doesn connect..

is there any special steps when installing the certificate, cause even TLS with only user certificate(unchecked server certificate) authentication works..

please help...

10 Replies 10

Jagdeep Gambhir
Level 10
Level 10

Hi,

Are you using self sign certs? If yes then you don't need server certificate on client. Server cert is only installed on radius. If you are using MS certs or any other 3rd party certs then you need to install CA on the client.

Self signed cert is only used for the server cert.

Regards,

~JG

Pls rate helpful posts

hi,

thanks for the reply..

i'm using ms cert authority..i'm downloading the server cert into client machine using http:///certsrv

once i select the certicate also, the PEAP profile fails to connect.PEAP profile w/o certificate connects properly.also in acs all the settings look proper according to all the documentation..i feel its something related to certificates..

thanks..

Hi ,

With PEAP there is no need to install server cert on the Client.

On ACS you need,

1) CA

2)Server Cert

On Client

1) CA (Optional)

Please check this PEAP guide.

Regards,

~JG

hi,

yes u a right the ca certificate is optional in the client. i guess i mentioned server certificate instead of ca certificate for client..actually we mention certs downloaded from ms cert service webpage as server cert and user cert.

i installed the ca certificate on the client as in step 16 and when i try to connect with this certificate option checked, the peap connection fails.

also the document is very good.i had got all the info in this document from diff websites, not all at one place..please do tell where u got this document from..

thanks..

Hi,

This doc is not available on any site. This was made by one of my senior engineer Bradley. W.Mountford. Hats of to Brad

Good to know that you find it handy.

Thanks,

~JG

Please mark it resolved to other can benefit from it.

hi,

acutally i'm still facing the issue. still not able to connect with certificate installed..dont know wat am doin wrong..anyways hope to resolve soon..

thanks..

Hi,

Let me know if it is working fine for you ?

Regards.

nope..i guess its something wrong in the way i'm installing the certificate in the servre machine..i'm facing similar issue with odyssey client..also tried creating a template for server authentication(copied from web server template) and installing on the server..no luck yet..

What Exactly is happening ? Can you provide me some more details ?

Regards

You can try this:

When installing the certificate, choose:

- Place all certificates in the following sthore:

- Check "Show physical stores"

- Expand the store you want to use

- In the store, choose Local Computer

We use it this way, so every user of the computer has rights to use the certificate.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: