Hello All, I'm in the process of setting up PEAP with ACS 5. From understanding the certificate that I generate is a server side certificate used between ACS and CA authority. However, according to the Cisco document that I'm using it sounds like I still have to install a certificate on the wireless clients that validate the server certificate.
Is there a process to push this cert out via AD or do I need to manually install it and if I wanted can I get away with out checking the validate the server certificate on the wireless client?
I guess what I was getting confused based on the below picture I was thinking that when I validate the server side cert that I would also need to install the cert on the client under "trusted root certification authorities".
I realize now that all we are doing based on the picture is validating the server side cert and saying we are using this particular CA trusted root authority. In this example it is "ca.demo.local"
Is it really necessary to validate the server certificate on the client? What are the issues if I do not?