locked
Wireless Certificate authentication error -On all XP and Win 7 computer RRS feed

  • Question

  • After I migrated my Certificate server from 2003 to Win 2008r2 all my clients started getting below error and it vanishes once they click connect .Interestingly if I disconnect or delete the profile created in Manage wireless device it again starts to prompt what could be the reason ?


    Anand Shankar


    • Edited by Anand - Tuesday, October 30, 2012 4:17 PM
    Tuesday, October 30, 2012 3:23 PM

All replies

  • Hi,

    Thanks for your post.

    Make sure the Root CA which issued the NPS certificate was trusted on wireless profile. Ensure the box was checked.

    In addition, you can push this configuration via Group Policy. For detailed steps, please refer to the following article. Hope it helps.

    Creating a secure 802.1x wireless infrastructure using Microsoft Windows

    http://blogs.technet.com/b/networking/archive/2012/05/30/creating-a-secure-802-1x-wireless-infrastructure-using-microsoft-windows.aspx

    Best Regards,

    Aiden


    Aiden Cao

    TechNet Community Support


    • Edited by Aiden_Cao Thursday, November 1, 2012 6:01 AM
    Thursday, November 1, 2012 6:01 AM
  • Thanks a lot for your reply ...

    I have only upgraded my Certificate Server to 2008 R2 Not Radius server its still 2003 . Additionally I am not getting the option to Trust certificate anywhere on Radius server remote access policies:


    Anand Shankar

    Thursday, November 1, 2012 10:05 AM
  • Hi,

    Sorry for the delay.

    The option is configured on client side wireless profile. You can use group policy to apply on all clients. After the Certificate services upgrade, have you change the Root CA on your environment?


    Best Regards,
    Aiden


    Aiden Cao

    TechNet Community Support

    Tuesday, November 6, 2012 5:43 AM
  • Thanks for your response Aiden

    Yes I have upgraded my certificate server to 2008 and my root CA has also changed (Is there a way to validate the same ).

    Could you please suggest what policy do we need to apply on client side to get rid of this error Message .


    Anand Shankar


    • Edited by Anand - Tuesday, November 6, 2012 6:14 AM
    Tuesday, November 6, 2012 6:13 AM
  • Hi,

    Please refer to the blog I post in previous reply.

    Step 5: Configuring Wireless Network (IEEE 802.11) Policies Group Policy Settings
    Step 6: Configuring Wireless Clients Authentication

    Computer Configuration/Windows Settings/Security Settings/Wireless Network Policies

    Make sure the new Root CA which issued the NPS certificate was trusted on wireless profile. Ensure the box of the new Root CA was checked.


    Best Regards,
    Aiden

     


    Aiden Cao

    TechNet Community Support

    Tuesday, November 6, 2012 6:55 AM
  • Could that be one of the reason why my GPO do not work on Wireless computers .

    In the meantime I am setting up as per recommended settings will keep you posted .


    Anand Shankar

    Tuesday, November 6, 2012 9:46 AM