06-15-2010 11:05 AM - edited 03-10-2019 05:11 PM
Hello,
I am having a hard time getting my cert to work right on the ACS for PEAP. I have ACS 4.2 SE. I have a 3rd-party .pem certificate.
I have loaded it into the Install ACS Certificate page as the cert file and private key. I have also loaded it into the authority setup, but after the reboot, when I try to enable PEAP and EAP-TLS, I get this error: "Failed to initialize PEAP or EAP-TLS authentication protocol because ACS certificate is not installed." I am not real knowledgeable about certificates, so I am sure it is something simple I am doing wrong. Please help! Thanks in advance.
06-15-2010 06:40 PM
This happens when we are missing some kind of certificate on the ACS. You stated that you have installed the certificates and you are still getting this error.
Most of the time I have come across this error message when we don't have the CA or intermediate certificate installed in the ACS certificate store.
Make sure that you have checked the certificate under the certificate trust list. Also, restart the ACS services and then try.
Regds,
JK
Do rate helpful posts
06-16-2010 08:51 AM
I think I have gotten that part to work now because it lets me enable EAP. However, on my wireless client it gives an error of "Could not authenticate". In the log it says "authentication failed during SSL handshake".
06-16-2010 09:06 AM
Well, this error message says that there is a certificate missing in the chain. Please check and make sure that you have the full cert chain installed on the ACS.
BTW, what EAP type are you using?
Also, do we have the "validate server certificate" option checked on the client side? If it is, please uncheck that option and try again.
Rgds,
JK
Do rate helpful posts
06-16-2010 09:30 AM
Here is what I have selected under Global Authentication Setup
PEAP
Allow Posture Validation
PEAP session timeout (minutes) 120
Enable Fast Reconnect
EAP-TLS
Allow EAP-TLS
Certificate CN Comparison
Use Outer Identity
LEAP allow Leap (for Aironet only)
EAP-MD5 (Allow EAP-MD5)
MS-CHAP config
Allow ms-chapv1 authentication
Allow ms-chapv2 authentication
On the client, under wireless properties:
Network Authentication is Open
Data Encryption is WEP
Checked: the key is provided for me automatically
On the Authentication tab I have enabled IEEE 802.1x authentication network access for this network.
I have had the EAP type as "Smart Card or other Certificate" and have had "validate server cert" checked and unchecked.
I have also selected Protected EAP (PEAP) instead of smart card or certificate and get an SSL handshake error in the ACS logs.