PEAP certificate expiring on clients and ACS

Unanswered Question
Jan 11th, 2010
User Badges:

The certificate that is installed on the wireless clients and the ACS will be expiring.  The cert on both was installed from a Microsoft certificate server, which needs to be replaced/upgraded.  What do you think of this plan to renew the certs?


1) Create a new MS cert server

2) Load the new cert on the clients

3) For the ACS servers, generate a signing request, create the new cert, install it.


What's the process for creating and installing the new certificates on the clients?  I have several hundred.  I believe the certificate they currently use was automattically loaded when the computer joined the domain, but I'm not certain - can someone confirm (more of a Microsoft question).

Clients are using the Microsoft supplicant, and some have the "validate server certificate" box checked, some don't.


Thanks,

Al

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
joergjagg Mon, 07/12/2010 - 08:09
User Badges:

Hello.


I am in the same situation now.

As far as i know, i have done the same steps as agrigals 2 years ago:


1) Create a new  MS cert server

2) Load the new cert on the clients

3) For the ACS servers,  generate a signing request, create the new cert, install it.


Is this the right way? Any other ideas?


BR

J

agrigals Mon, 07/12/2010 - 08:41
User Badges:

Our Microsoft guys just renewed the cert on the existing cert server (not certain of the exact procedure for that), then I created and installed new certs for the ACS servers.  I can confirm that once the cert was renewed on the cert server, all of the wireless clients automattically received the new cert.  Please post the procedure you end up doing.


Thanks,

Al

Actions

This Discussion

 

 

Trending Topics - Security & Network