cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
793
Views
0
Helpful
2
Replies

PEAP certificate expiring on clients and ACS

agrigals
Level 1
Level 1

The certificate that is installed on the wireless clients and the ACS will be expiring.  The cert on both was installed from a Microsoft certificate server, which needs to be replaced/upgraded.  What do you think of this plan to renew the certs?

1) Create a new MS cert server

2) Load the new cert on the clients

3) For the ACS servers, generate a signing request, create the new cert, install it.

What's the process for creating and installing the new certificates on the clients?  I have several hundred.  I believe the certificate they currently use was automattically loaded when the computer joined the domain, but I'm not certain - can someone confirm (more of a Microsoft question).

Clients are using the Microsoft supplicant, and some have the "validate server certificate" box checked, some don't.

Thanks,

Al

2 Replies 2

joergjagg
Level 1
Level 1

Hello.

I am in the same situation now.

As far as i know, i have done the same steps as agrigals 2 years ago:

1) Create a new  MS cert server

2) Load the new cert on the clients

3) For the ACS servers,  generate a signing request, create the new cert, install it.

Is this the right way? Any other ideas?

BR

J

Our Microsoft guys just renewed the cert on the existing cert server (not certain of the exact procedure for that), then I created and installed new certs for the ACS servers.  I can confirm that once the cert was renewed on the cert server, all of the wireless clients automattically received the new cert.  Please post the procedure you end up doing.

Thanks,

Al

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: