Wireless Access

Frequent Contributor II

Updated Thawte Certificate Issue

I'm in the process of updating my certificate on NPS (no clearpass...yet). I've added the new cert and changed the client policy but users are unable to connect. I put a device in the debugger and looked at the auth-trace and the user-debug log and the only thing that stands out is that the rad-req and rad-resp. When i move to the new cert the radius server isn't listed in the logs and when I move it back the radius server is listed. I deleted the configs on the client and readded them without server validation and I'm still seeing issues.


The new intermediate cert is "thawte SSL CA - G2" vs the old "Thawte SSL CA"


New cert, Failed to connect:

May 27 08:56:13 rad-req -> 00:00:00:00:00:00 11:11:11:11:11:11 122 201


Old cert, Successful connection:

May 27 08:56:47 rad-req -> 00:00:00:00:00:00 11:11:11:11:11:11/nps_svr 19 271
May 27 08:56:47 rad-resp <- 00:00:00:00:00:00 11:11:11:11:11:11/nps_svr 19 191


If anyone has any ideas/suggestions I'm willing to go down the rabbit hole.





Frequent Contributor II

Re: Updated Thawte Certificate Issue

Just wanted to answer my own question. The certificate wasn't corresponding with the private key so I had to run the command line certutil tool to repair the newly imported certificate.








How to assign a private key to a new certificate after you use the Certificates snap-in to delete the original certificate in Internet Information Services

Search Airheads
Showing results for 
Search instead for 
Did you mean: