09-10-2012 10:10 AM
We have a customer that is college university.
They have and 802.1X user only authenticatoin network so users can use own devices and their staff/student domain credentials to authenticate against Windows AD, IAS RADIUS server. The Cert on IAS server is signed by GeoTrust Global CA
Users connect with non-domain machines, using thier own Devices.
Windows 7 and other OS are not accepting the certifacte signed by GeoTrusts.
A solution is to set the wireless settings to NOT Validate server certificate.
We want a solution that requiers the least amount of configuration and management. Customers want the simplest setup for end-user so IT staff does not have to touch all these laptops.
Is there a Root CA that is automatically trusted by most devices, esp. windows 7?
Is there a better way to configure this network to avoid this issue?
09-10-2012 06:55 PM
To ensure this, you would need an application that distributes the root CA and configures the WLAN devices, like Quickconnect...
a 30-day free trial is here: http://page.arubanetworks.com/BYODQUICKCONNECT30Da
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base
09-11-2012 12:53 PM
We use a self signed certificate which requires unchecking the validate certificate option. What we did was use the netsh command to export a working WIFI profile and then created a batch file to import the exported profile. To make it easier, we used IExpress http://en.wikipedia.org/wiki/IExpress to wrap the files in an executable. The client runs a the small executable in Windows 7, it imports the profile, and they are prompted to enter their credentials for 802.1x.