I'm using Internal CA (Microsoft Win 2003 CA) to provide SSL certificates to NAC. The problem is that, end users are still getting warnings on login to the network the same way as when i was using the Perfigo Certificate. I've tried to install the server certificate to clients but still the CA is seems to be untrusted. Does this mean that i have to buy certificates from trusted Authorities like Verisign or still there is something i can do to my CA? Please help.
The second problem will come up if you're trying to access the device in question with a name that is different than what the cert says the name should be. For example if your cas is named cas1.abc.com and you try to access it with the url consisting of the ip address for that CAS, you will see that message. Ensure that the CN you have for the certificate is what you're using to access the CAS and you shouldn't see that problem.
If you click on that link, does it tell you to download a cert?
If so, take that file to the client and double click on it. It should install in the correct store automatically.