03-24-2010 04:00 AM - edited 07-03-2021 06:39 PM
Hello,
I am novice with certs and I have a question. I want to implement EAP-TLS in a WPA deployment and I have a question about the client-side certificate.
When I install a client certificate in a machine for a specific user, is this certificate only valid for this machine and this user? Or can I export this certificate and use it in another machine but the same user?
Thanks in advance,
Solved! Go to Solution.
03-24-2010 06:07 AM
Here is a good link that explains the Microsoft certificate requirements.
http://support.microsoft.com/kb/814394
03-24-2010 09:44 AM
From my experience, you can copy the certificate to another computer (assuming a modern OS). There are two problems with this, though:
1 - You must be able to export the entire certificate, including the private key, to be able to use the certificate on another machine. Most PKI implementations prohibit/disable this.
2 - If you can export the certificate, including the private key, then you are risking the loss of integrity of your PKI. Someone else can get that cert with the private key and impersonate the user.
03-24-2010 06:07 AM
Here is a good link that explains the Microsoft certificate requirements.
http://support.microsoft.com/kb/814394
03-26-2010 12:16 AM
Thank you very much, it's a very useful link.
03-24-2010 09:44 AM
From my experience, you can copy the certificate to another computer (assuming a modern OS). There are two problems with this, though:
1 - You must be able to export the entire certificate, including the private key, to be able to use the certificate on another machine. Most PKI implementations prohibit/disable this.
2 - If you can export the certificate, including the private key, then you are risking the loss of integrity of your PKI. Someone else can get that cert with the private key and impersonate the user.
03-26-2010 12:16 AM
Thank you very much for the info.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: