04-20-2022 06:38 AM
Hi all
We creating Wireless network on Cisco WLC 5520-8.10.162.0 with Enterprise security. Authentication will be processed on Cisco ISE 3.2. Endpoint client is regular windows 10 tablet.
We created SSID and choose all configs done successfully.
We created certificate chain, RootCA, IntermetiadeCA, and Client cert...
RootCA and Intermediate certificates installed on ISE, Root certificate is installed to Trusted certificate, intermediate certificate is installed to system certificates and role is choosen "EAP-TLS".
Our main goal is only provide client certificates to the end users and client certificate installed devices needs to join to wireless network. Once we installed client certificate only in Personal certificate store, it is not working. when we installing RootCA to Trusted Root store and intermediateCA to Intermediate certification authority store, clients starts authenticating.
What is certificate requirement of the client in our case?
Solved! Go to Solution.
04-23-2022 11:07 PM
Your client has been configured specifically to check the RADIUS EAP certificate. If the client does not have the CA cert chain that signed the ISE EAP Certificate, then the client will abort the TLS communications ( you will see this clearly in the ISE Live Logs).
If you decided to change the client config to not care about this trust (bad idea!!) then you don't need to install the CA cert chain on the client.
04-23-2022 11:07 PM
Your client has been configured specifically to check the RADIUS EAP certificate. If the client does not have the CA cert chain that signed the ISE EAP Certificate, then the client will abort the TLS communications ( you will see this clearly in the ISE Live Logs).
If you decided to change the client config to not care about this trust (bad idea!!) then you don't need to install the CA cert chain on the client.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide