Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Updated Thawte Certificate Issue

This thread has been viewed 0 times

  • 1.  Updated Thawte Certificate Issue

    Posted May 27, 2015 11:01 AM

    I'm in the process of updating my certificate on NPS (no clearpass...yet). I've added the new cert and changed the client policy but users are unable to connect. I put a device in the debugger and looked at the auth-trace and the user-debug log and the only thing that stands out is that the rad-req and rad-resp. When i move to the new cert the radius server isn't listed in the logs and when I move it back the radius server is listed. I deleted the configs on the client and readded them without server validation and I'm still seeing issues.

     

    The new intermediate cert is "thawte SSL CA - G2" vs the old "Thawte SSL CA"

     

    New cert, Failed to connect:

    May 27 08:56:13 rad-req -> 00:00:00:00:00:00 11:11:11:11:11:11 122 201

     

    Old cert, Successful connection:

    May 27 08:56:47 rad-req -> 00:00:00:00:00:00 11:11:11:11:11:11/nps_svr 19 271
    May 27 08:56:47 rad-resp <- 00:00:00:00:00:00 11:11:11:11:11:11/nps_svr 19 191

     

    If anyone has any ideas/suggestions I'm willing to go down the rabbit hole.

     

    Thanks,

     

    Rosie!



  • 2.  RE: Updated Thawte Certificate Issue
    Best Answer

    Posted May 28, 2015 02:32 PM

    Just wanted to answer my own question. The certificate wasn't corresponding with the private key so I had to run the command line certutil tool to repair the newly imported certificate.

     

    Thanks!

     

    -Rosie

     

    Reference:

     

    How to assign a private key to a new certificate after you use the Certificates snap-in to delete the original certificate in Internet Information Services