Wireless Access

Reply
Occasional Contributor I

Client getting a Certificate error message

Hi,

 

I have a Microsoft NPS customer that is using a GoDaddy certificate.  The clients are connecting, however, before they connect, they are getting the following error popping up;

 

the server presented a valid certificate issued by Entrust.net Secure server certification Authority, but Entrust.net secure server certification authority is not configured as a valid trust anchor for this profile.  Further, the server is not configured as a valid NPS server to connect to for this profile

 

Can anyone tell me what this is happening and where I should be looking in order to fix this?

 

Thanks..

Occasional Contributor I

Re: Client getting a Certificate error message

I also would like to add that it's not only happening on Window devices, by Android, Apple IOS etc.  Basically, it happend everything they first try to authenticate.  they acknowledge it, and get authenticated.  If they disconnect and then try to reconnect they are prompted again with this error.

Guru Elite

Re: Client getting a Certificate error message

Do you have the root CA certificate installed on the NPS server?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor I

Re: Client getting a Certificate error message

Yes, we do.

Guru Elite

Re: Client getting a Certificate error message

If you open the server certificate inside the NPS PEAP settings, are there
any chain trust errors?

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor I

Re: Client getting a Certificate error message

Hello, 

 We are having the same issue here. We are able to connect but we recieve this prompt before we can connect. Does someone have a resolution to this issue? 


aolavarr wrote:

Hi,

 

I have a Microsoft NPS customer that is using a GoDaddy certificate.  The clients are connecting, however, before they connect, they are getting the following error popping up;

 

the server presented a valid certificate issued by Entrust.net Secure server certification Authority, but Entrust.net secure server certification authority is not configured as a valid trust anchor for this profile.  Further, the server is not configured as a valid NPS server to connect to for this profile

 

Can anyone tell me what this is happening and where I should be looking in order to fix this?

 

Thanks..


CertError.jpg

Guru Elite

Re: Client getting a Certificate error message

This is a normal part of using legacy, insecure tunneled EAP methods on an unmanaged device.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor I

Re: Client getting a Certificate error message

We are using Nps servers at each location  with a root ca certificate . 
I don't have this issue with Cisco. 
Do I need to upload the certificate to airwave and push it down to the instant controller. ? 




Sent from my Verizon, Samsung Galaxy smartphone
Guru Elite

Re: Client getting a Certificate error message

No. This happens between the client and RADIUS server. Ensure that termination is not enabled on your IAPs or controller.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Occasional Contributor I

Re: Client getting a Certificate error message

The option to terminate is set to NO. 

 

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: