none
Certificate for Radius Authentication Wireless

    Question

  • I setup a Domain controller to handle radius authentication for our access points and that part works. However on iPhones you have to accept the untrusted cert and on laptops I have to setup the connection manually for it to work as it wants to verify the certificate. I don't know much about certs so that is why I need help. 

    Can i create a self signed cert and use that for the wireless and not have to setup the connection manually on laptops? 

    Or I have a wildcard cert for our domain (.com) but our local domain is .corp, can I use that for this? 

    If either of these will work which is best and what's the best way to add it to the config of radius?

    Thank you

    Tuesday, March 13, 2018 2:28 PM

All replies

  • Hi,

    Have a nice day! Thanks for your question.

    The Microsoft Network Policy Server (NPS) is often used as a RADIUS server for WiFi networks. It can provide authentication and authorization services for users on a wireless network. It’s able to use the self-signed cert for the wireless.  Also the same feasibility to use wildcards cert.

    If the number of authenticated clients on your domain is large, I suggest you to use Wildcards cert for authorization and authentication. Self-signed cert needs to be imported into each client.

    Please try the following article and perform the implementation.

    New-SelfSignedCertificate

    https://docs.microsoft.com/en-us/powershell/module/pkiclient/new-selfsignedcertificate?view=win10-ps

    Regarding to Accepted wildcards used by server certificates for server authentication, please refer the following link:

    https://support.microsoft.com/en-us/help/258858/accepted-wildcards-used-by-server-certificates-for-server-authenticati

    Hope above information helpful.

    Highly appreciate your effort and time. If you have any questions and concerns, please feel free to let me know.

    Best regards,   

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Wednesday, March 14, 2018 8:12 AM
  • Hi,

    How are things going on? Was your issue resolved?

    Please let us know if you would like further assistance.

    Wish you have a nice weekend!

    Best regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Friday, March 16, 2018 9:22 AM
  • Hi,

    How are things going on? Was your issue resolved?

    Please let us know if you would like further assistance.

    Wish you have a nice day!

    Best regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Tuesday, March 20, 2018 9:58 AM
  • Hi,

    How are things going on? Was your issue resolved?

    Please let us know if you would like further assistance.

    Wish you have a nice day!

    Best regards,

    Michael


    Please remember to mark the replies as an answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com

    Thursday, March 22, 2018 11:29 AM