- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2024 05:59 AM
Hi all;
When configuring EAP authentication methods on the Windows-based supplicant, one of the possible options is to choose your desired Trusted Root Certificate Authorities. Right?
My question is that, why choosing any trusted certificate in this box at all? Based of my findings, even not choosing any certificate here, the authentication process goes smoothly...
Another question is that, as you can see above, even though I have one Root CA in my lab, there is two entries in the "Trusted Root Certificate Authorities" section. Can anybody explain why?
Thanks
Solved! Go to Solution.
- Labels:
-
AAA
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2024 06:47 AM
As @Flavio Miranda pointed out, you may need to choose one certificate when there are multiple of them installed in the computer, specially useful for merge and acquisitions when there could be one from the legacy company and one from the new company. Windows does not make a good job when selecting "Simple Certificate selection" as it use to select the first one, which may be not the right one.
Regarding the question about duplicated Trusted Root CA entries in the Windows wireless profile window, that's something up to Windows, may be something with an intention, or maybe a cosmethic issue, but this is happening since I remember for company CA certificates.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2024 06:21 AM
The way I see it they are not there to be chose. They are available to be used and the check box can be used for specif configuration and view the certificate.
"Trusted Root Certificate Authorities" are the companies that now a days are recognized as valid and trustfull certificate authorities and vendors install by default. Not often but sometimes it happens to one of those companies be removed. Most recent case I am aware of is Entrust company.
Hard to say why your installation got two entry but you can remove one if that is the case.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2024 06:23 AM - edited 11-28-2024 06:25 AM
What specific configuration do you mean?
You can view the content of the certificate even without first check marking it...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2024 06:27 AM
Select one and and go to view certificate.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2024 06:30 AM
As you can see in the following document, Cisco TAC clearly specifying the choose operation. I want to know why?
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2024 06:33 AM
Exactly what I Just Said. They choose one and go to advanced for specific configuration
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-28-2024 06:47 AM
As @Flavio Miranda pointed out, you may need to choose one certificate when there are multiple of them installed in the computer, specially useful for merge and acquisitions when there could be one from the legacy company and one from the new company. Windows does not make a good job when selecting "Simple Certificate selection" as it use to select the first one, which may be not the right one.
Regarding the question about duplicated Trusted Root CA entries in the Windows wireless profile window, that's something up to Windows, may be something with an intention, or maybe a cosmethic issue, but this is happening since I remember for company CA certificates.
