Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started.

New Member

Certificate Authentication

I am having issues with EAP-TLS certificate authentication between client Windows XP and ACS 5.2.  I have a third party computer Root CA certificate on the ACS server running Windows 2000 and also a Root CA and user Certificate on the client machine running Windows XP.  I have a test WLAN configured on the 5508 WLC.  Everything is working fine except I am getting "EAP-TLS" authentication timeouts reported on the ACS.  I have attached a file of the errors I am getting on the ACS.  It seems as if I am not getting a response from the certificate that is installed on the client machine once it makes the initial request to the ACS.

I am testing this as a proof of concept at one of my customer's site.  The requirement is not to involve AD (Active Directory) at all in this configuration and not have to build a CA server.  The goal is to have successful certificate based authentication between the client and the ACS using EAP-TLS.  Please see error logs for messages reported from ACS.  It looks like the the cert is being pulled from a location with hostname "SMS" but on the client machine it should be pulled from hostname "NDCVACSP". 

Is there anyone who can assist me in this?

  • Security and Network Management
New Member

Re: Certificate Authentication

It sound like you need to auto-generate the certificate to use in the device with the. Device itself, then the error will go away.

Sent from Cisco Technical Support iPad App