Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PEAP + self signed certificate

i have CS ACS SE and i want to run peap for widnows EAP-MSCHAPv2 what is the correct CA in the trusted root certification Authorities list i ahve to choos in windows client

4 REPLIES

Re: PEAP + self signed certificate

You need to look for a certificate name that was kept at the time to generating self sign cert.

New Member

Re: PEAP + self signed certificate

Did that mean i have to copy the certificate whihc i genertaed and install it in eahc client to be shown in the list

or haw i can shaw it in list without installing it

Re: PEAP + self signed certificate

Yes, you need to install the cert on each client. However if you want to avoid installing it on each client then we need to make sure"Validate Server

Certificate" option under PEAP properties on client is UNCHECKED.

New Member

Re: PEAP + self signed certificate

The client needs the root certificate of the CA. Hence if you are using certificates from Verisign or something similar then your client (Windows) already has the root cert.

But if you are using your own Ms. CA then you can push certificates through Active Directory. That way manual installation can be eliminated.

Otherwise either manual installation or unchecking "Validate Server Certificate" are the only options.

156
Views
0
Helpful
4
Replies