The SSL cert is used for validating the identity of the server. We can use the local CA cert also, but before using that we need to make sure that the Root Cert is installed on every device on which NPS server is being used to connect to Wireless Network.
We can install 2 types of SSL cert
So its better to use the cert with Single Name Wildcard Certificate because it supported by all the OS.
So first generate a CSR from your RADIUS Server. Steps to do that you can find below:
Fill the properties mentioned of the certificate
Once you click on Finish the sert file will be generated.
Upload your cert file to your Certification provider and then wait for the certificate.
Once the CSR is generated Upload the CSR to the SSL Certficate Provider website and download the certificate.
Install the certificate on the NPS (RADIUS) server.
Open the Network Policy Server Administrative Center.
Goto Policies -> Network Policies -> Wireless Connections
Double Click on it
Select Microsoft PEAP and click Edit.
Select the Certificate you installed.
Click on OK and then STOP and START the NPS Service.
Note: remember that certificate will be installed with private key on the same server from which the CSR has been generated. If you have more than one server on which you need to insall the cert, then first install the cert on the server from which you generated the CSR, then export it in the form of .pfx with private key (make sure private key is exportable). Then install it on other servers.
We can install 2 types of SSL cert
- WildCard SSL Cert (*.domain.com)
- Single Name Cert (radius.domain.com)
So its better to use the cert with Single Name Wildcard Certificate because it supported by all the OS.
So first generate a CSR from your RADIUS Server. Steps to do that you can find below:
Fill the properties mentioned of the certificate
Once you click on Finish the sert file will be generated.
Upload your cert file to your Certification provider and then wait for the certificate.
Once the CSR is generated Upload the CSR to the SSL Certficate Provider website and download the certificate.
Install the certificate on the NPS (RADIUS) server.
Open the Network Policy Server Administrative Center.
Goto Policies -> Network Policies -> Wireless Connections
Double Click on it
Select Microsoft PEAP and click Edit.
Select the Certificate you installed.
Click on OK and then STOP and START the NPS Service.
Note: remember that certificate will be installed with private key on the same server from which the CSR has been generated. If you have more than one server on which you need to insall the cert, then first install the cert on the server from which you generated the CSR, then export it in the form of .pfx with private key (make sure private key is exportable). Then install it on other servers.
I am grateful for this blog to distribute knowledge about this significant topic. Here I found different segments and now I am going to use these new instructions with new enthusiasm.HPE LTO Ultrium 6250 Tape Drive
ReplyDelete