@Jayke757 wrote:
I have been looking for advice on how to have Clearpass look for an existing certificate on a Windows 7 client as part of .1x authentication. I am successfully using AD group membership to allow SSO into our corporate SSID, but we also have a Workstation Authentication cert that all of our laptops get via self enrollment when they are added to the domain. I would like to verifiy this certificate exists.
Looking for conceptual advice and specific direction on using this option.
TYIA
If you are trying to do username/password authentication for users (EAP-PEAP) and certificate (EAP-TLS) for computers, you cannot do that combination. That is a limitation of the Windows Supplicant. Both authentication needs to be EAP-PEAP or EAP-TLS.