Security

Reply
Contributor I

Onboard with ADCS - Certificate doesn't have private key

Staring a new thread on this issue...

 

I've got Onboard configured as an intermediate CA to ADCS. When devices go through the Onboarding process, a certificate is created in ADCS, and it also shows up in the Onboard certificate list.

However, the certificate is not installed in the client machine.

 

Upon inspection of the certificate, I see that it does not contain the private key.  :-(   

From experimenting, I've noticed that Windows won't install a certificate in the Personal store, unless it's got a private key.

 

Is there any setting in Clearpass that affects the certificate request that is sent to ADCS?

 

I realize that this could certainly be a Windows CA configuration issue, but has anyone else seen this? I've used the User template, and also created a new one. The template has 'Allow private key to be exported' checked.

 

Thanks.

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: