Creating an IEEE 802.1x certificate for the Hub

192 views 0

If you do not want to purchase a certificate for the connection to an authentication server (Radius) from a public certification authority (CA), then you can also create this in your Active Directory with your own CA. In this case, however, you must install the root certificate and, if applicable, the intermediate certification authority certifi­cate on the authentication server.

  • To do this, enable the role Active Directory Certificate Services with the setup type Enterprise on the Active Directory server or on a member server.
  • Create a technical user account in your Active Directory – for example, TPservice –, which allows the Hub(s) to log on to the authentication server.
  • Then log on to the member server with this account.
  • Open the Certificate Management in the MMC.
  • Highlight the certificate store Certificates (Current User) Personal and select All Tasks Request New Certificate.member server: requesting a user certificate for the Hubmember server: requesting a user certificate for the Hub
  • In the Request Certificates menu, open the properties of the User certificate to be created.member server: changing the settings of the user certificatemember server: changing the settings of the user certificate
  • On the Private Key tab, mark the certificate’s private key as exportable.member server: marking the private key as exportablemember server: marking the private key as exportable
  • If you have several CAs in your Active Directory, select the CA on the Certification Authority tab. You must distribute its root certificate to the authentication devices.member server: selecting a specific CAmember server: selecting a specific CA
  • Finally, select the User certificate type and click Enroll to install the certificate on the local machine. This is automatically stored in the certificate store Certificates (Current User) Personal).member server: installing the user certificate on the local machinemember server: installing the user certificate on the local machine
  • Export the certificate with its key (file format.pfx).member server: exporting the user certificate for the Hubmember server: exporting the user certificate for the Hub
  • Assign a password when exporting.member server: securing the certificate’s key with a passwordmember server: securing the certificate’s key with a password
Previous Page
Next Page

Was this helpful?