Security

While trying to migrate Aruba controller RADIUS authentication for an 802.1x SSID off of a Windows NPS platform and on to Aruba ClearPass, our Windows 10 users were prompted with the following error:

My interpretation of this issue is that the user's stored certificate of the Windows NPS server is not the certificate being presented by ClearPass, so it warns the user something funny is going on.  MacOS users don't seem to be affected by this.

My question is whether this is a common scenario, and if there is a way to check the certificate being stored for an 802.1x SSID on a Windows device? I am not having much luck in identifying the stored cert that we "trust" on a per SSID basis.

Also to note the certificate being presented by ClearPass is signed by trusted CA's that the user laptop trusts.

The CA certificate that you are checking/trusting should be part of the WLAN profile under "Validate Server Certificate".  If none are checked, it should accept Server Certificates issues by any of the CA Certificates listed.  Please see here for what others have done to deal with that message:  https://social.technet.microsoft.com/Forums/en-US/541d1f31-3df9-44f4-8cad-6c916f98de22/windows-10-8021x-security-warning-due-to-kb4074588?forum=win10itprosecurity

Thanks Colin, much appreciated.  I found that article previously and was pretty sure that was the solution, but wanted to make sure the experts agreed ;)