05-11-2006 11:38 AM - edited 07-04-2021 12:04 PM
Hello,
I generated a certificate on my ACS - how do I add it to my windows PC wireless client so I can use it for EAP-TLS. On my windows PC I found certificate import wizard but the types supported are for .P7B, .PFX, .P12 file type and I believe the one on the ACS is a .ca file. Also how do I get it off the ACS for distribution. Thank You - Sean
05-11-2006 06:48 PM
Hi,
Do you have an root CA into your network? Did you use this to generate the Server certificate for ACS or you have used "generate self-signed certificate" option to do that? Using self-signed certificate you'll can use PEAP authentication only. For EAP-TLS authentication, you need a root CA server to generate a server certificate to ACS and a client certificate to users. Server and CA certificate files must be in Base64-encoded X.509
format or DER-encoded binary X.509 format. Use SHA-1 and a key size of 1024.The windows server has a certificate service and you can use it to generate these files.
Regards,
05-12-2006 10:21 AM
ok - thanks. So now I am running PEAP - don't care which I run (PEAP - EAPFAST) as long as the tunnel setup is out of band - i.e. via .pac file or Certificate (don't have a securid which would also work for my security requirements). I have a certificate generated on my ACS so how do I get it to my laptop out of band like. I do not have a Windows CA server for EAP-TLS or PEAP. I just want to generate a certificate on my ACS and load it on my laptop and GO! _ thanks much
05-12-2006 10:10 PM
This should prove cure for your network security requirement :
Go for "Self signed ceritificate" option, and in this link it also talks about how to intall it on a Client.
Let me know if it helps :)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide