Re: IAS certificate

---

• From: "James McIllece [MS]" <jamesmci@xxxxxxxxxxxxxxxxxxxx>
• Date: Mon, 19 Dec 2005 11:51:27 -0800

---

"=?Utf-8?B?QWxsZW4=?=" <Allen@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
news:AE0DA16D-BF27-4E52-AAAA-BACE7077863D@xxxxxxxxxxxxx:

> I'm trying to setup wired port security using PEAP. I have setup a MS
> CA but am now confused about how to get a certificate on the server
> running IAS. From the IAS server I used the web form to request a
> certificate and then installed it from that form as well (through the
> browser). However, when I try to enable PEAP within the Remote Access
> Policy I'm told that a certificate can't be found that can be used
> with EAP.
>
> When requesting the cert I did speicfiy a server authenication
> certificate. Obvously, I'm missing something. Any help is much
> appreciated.
>
> Allen
>

Hi Allen --

Certificates that do not meet the minimum cert requirements won't appear in
the IAS console for selection for use with PEAP.

The cert must have the Server Authentication purpose in Enhanced Key Usage
extensions, and must meet other requirements that are described in the Help
topic "Network access authentication and certificates" in Windows Server
2003 IAS or VPN Help, or on the web at
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Serv
erHelp/9d8b61c9-a870-4627-a8f2-148625fd7fba.mspx.

You should probably also refer to the following whitepaper, which is
written for Windows Server 2003 and W2K.:


"Deployment of IEEE 802.1X for Wired Networks Using Microsoft Windows"
http://www.microsoft.com/downloads/details.aspx?FamilyID=05951071-6b20-
4cef-9939-47c397ffd3dd&DisplayLang=en

--
James McIllece, Microsoft

Please do not send email directly to this alias. This is my online account
name for newsgroup participation only.

This posting is provided "AS IS" with no warranties, and confers no rights.
.

---

• Prev by Date: Accessing Challenge code from IAS extension
• Next by Date: IAS Extension DLL & PEAP
• Previous by thread: Re: IAS certificate
• Next by thread: Re: IAS certificate
• Index(es):
  • Date
  • Thread

---

Relevant Pages RPC over HTTP, Microsoft solution ... Exchange Server 2003 RPC over HTTP Deployment Scenarios ... Place a check in the box next to 'Certificate Services' and click 'Yes' ... (microsoft.public.exchange.setup) Re: Remote access policy ... certificate and server certificate .I want to connect the wireless XP ... There is a Help topic in IAS Help that tells the minimum server cert ... This is correct -- the Help topic is "Network access authentication and ... (microsoft.public.internet.radius) Re: OWA 2003 w/ Smart Card Authentication. ... Exchange 2003 server via ActivSync. ... the IIS certificate. ... Whether or not authentication will succeed is completely dictated by ... Server's SSL certificate must be configured on root of v-server via ... (microsoft.public.exchange.connectivity) Enabling guest wi-fi access w/ IAS & Cisco APs ... ? ... user certificates deployed with Certificate Server. ... Enterprise root and subordinate certificate servers, built the IAS ... The problem we are running into is trying to setup the guest access ... (microsoft.public.internet.radius) RE: PEAP based 802.1x LAN authentication ... Authentication, EAP Methods. ... Do you have PEAP added here? ... edit and make sure the certificate that you want to use is selected. ... the server certificate is now stored in "Personal " ... (Focus-Microsoft)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Internet  > microsoft.public.internet.radius  > 2005-12