Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
710
Views
0
Helpful
4
Replies

Client certificate question

Go to solution
octroncisco
Level 1
Level 1

‎03-24-2010 04:00 AM - edited ‎07-03-2021 06:39 PM

Hello,

I am novice with certs and I have a question. I want to implement EAP-TLS in a WPA deployment and I have a question about the client-side certificate.

When I install a client certificate in a machine for a specific user, is this certificate only valid for this machine and this user? Or can I export this certificate and use it in another machine but the same user?

Thanks in advance,

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎03-24-2010 06:07 AM

Here is a good link that explains the Microsoft certificate requirements.

http://support.microsoft.com/kb/814394

-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful

Go to solution
Robert.N.Barrett_2
Level 4
Level 4

‎03-24-2010 09:44 AM

From my experience, you can copy the certificate to another computer (assuming a modern OS).  There are two problems with this, though:

1 - You must be able to export the entire certificate, including the private key, to be able to use the certificate on another machine.  Most PKI implementations prohibit/disable this.

2 - If you can export the certificate, including the private key, then you are risking the loss of integrity of your PKI.  Someone else can get that cert with the private key and impersonate the user.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎03-24-2010 06:07 AM

Here is a good link that explains the Microsoft certificate requirements.

http://support.microsoft.com/kb/814394

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
octroncisco
Level 1
Level 1
In response to Scott Fella

‎03-26-2010 12:16 AM

Thank you very much, it's a very useful link.

0 Helpful

Go to solution
Robert.N.Barrett_2
Level 4
Level 4

‎03-24-2010 09:44 AM

From my experience, you can copy the certificate to another computer (assuming a modern OS).  There are two problems with this, though:

1 - You must be able to export the entire certificate, including the private key, to be able to use the certificate on another machine.  Most PKI implementations prohibit/disable this.

2 - If you can export the certificate, including the private key, then you are risking the loss of integrity of your PKI.  Someone else can get that cert with the private key and impersonate the user.

0 Helpful

Go to solution
octroncisco
Level 1
Level 1
In response to Robert.N.Barrett_2

‎03-26-2010 12:16 AM

Thank you very much for the info.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card