Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

EAP-TLS possible problem

Hi everyone, were using EAP-TLS for wlan security. we got hundreds of wlan users, what will happen if the client certificate expires? what can we do avoid it?

thanks

2 REPLIES
Hall of Fame Super Silver

Re: EAP-TLS possible problem

I too would like to hear some ways to get around that. I have never had experience with the certification expireing, but what I have been told is that you can have GPO have the clients renew the certificate at a given time before expiration. They say that it should be configured to have clients renew at half life of the cert expiration. GPO as I was told is the only way to get around having to manually enrol of a new certificate.

-Scott
*** Please rate helpful posts ***
New Member

Re: EAP-TLS possible problem

Hi,

there is an option under the certificate template configuration, that renews client certificates when they expire.

See point 15 under "Create the Certificate Template for the ACS Web Server" on this link:

http://www.cisco.com/en/US/partner/products/ps6366/products_configuration_example09186a00807917a6.shtml

Hope this helps!

116
Views
0
Helpful
2
Replies