Friday, October 7, 2011

802.1x, PEAP, NPS, Wildcard Certificates, and You.

I recently had an issue involving wireless clients authenticating against our RADIUS server, which is a Windows Server 2008 R2 box running the NPS role. The certificate that we were using to secure PEAP was expiring and we needed a new one. We have a DigiCert wildcard plus that allows unlimited duplicates and unlimited server installs. Sweet, right? I thought so too. So, I requested a duplicate for our NPS server and verified that it met all of the requirements here. Check, and check. Install the certificate, test on my MacBook: everything looks good. Test on my iPad: looks good. Test on my Android phone: yep. Test on a Windows 7 laptop: won't authenticate.