11-28-2024 05:59 AM
Hi all;
When configuring EAP authentication methods on the Windows-based supplicant, one of the possible options is to choose your desired Trusted Root Certificate Authorities. Right?
My question is that, why choosing any trusted certificate in this box at all? Based of my findings, even not choosing any certificate here, the authentication process goes smoothly...
Another question is that, as you can see above, even though I have one Root CA in my lab, there is two entries in the "Trusted Root Certificate Authorities" section. Can anybody explain why?
Thanks
Solved! Go to Solution.
11-28-2024 06:47 AM
As @Flavio Miranda pointed out, you may need to choose one certificate when there are multiple of them installed in the computer, specially useful for merge and acquisitions when there could be one from the legacy company and one from the new company. Windows does not make a good job when selecting "Simple Certificate selection" as it use to select the first one, which may be not the right one.
Regarding the question about duplicated Trusted Root CA entries in the Windows wireless profile window, that's something up to Windows, may be something with an intention, or maybe a cosmethic issue, but this is happening since I remember for company CA certificates.
11-28-2024 06:21 AM
The way I see it they are not there to be chose. They are available to be used and the check box can be used for specif configuration and view the certificate.
"Trusted Root Certificate Authorities" are the companies that now a days are recognized as valid and trustfull certificate authorities and vendors install by default. Not often but sometimes it happens to one of those companies be removed. Most recent case I am aware of is Entrust company.
Hard to say why your installation got two entry but you can remove one if that is the case.
11-28-2024 06:23 AM - edited 11-28-2024 06:25 AM
What specific configuration do you mean?
You can view the content of the certificate even without first check marking it...
11-28-2024 06:27 AM
Select one and and go to view certificate.
11-28-2024 06:30 AM
As you can see in the following document, Cisco TAC clearly specifying the choose operation. I want to know why?
Thanks
11-28-2024 06:33 AM
Exactly what I Just Said. They choose one and go to advanced for specific configuration
11-28-2024 06:47 AM
As @Flavio Miranda pointed out, you may need to choose one certificate when there are multiple of them installed in the computer, specially useful for merge and acquisitions when there could be one from the legacy company and one from the new company. Windows does not make a good job when selecting "Simple Certificate selection" as it use to select the first one, which may be not the right one.
Regarding the question about duplicated Trusted Root CA entries in the Windows wireless profile window, that's something up to Windows, may be something with an intention, or maybe a cosmethic issue, but this is happening since I remember for company CA certificates.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide