MSDN Forum: MS PKI Certificate based authentication on network access control device.

Shardul Rane 1 Reputation point
2020-08-29T11:20:56.72+00:00

I have a 2 tier PKI infrastructure. With my SUB CA issuing certificates to machines(win 10) and user's through group policy. We are testing certificate based authentication with the NAC(aruba clearpass).The machine has user and the client certificate, we changed the network adaptor settings to smart card and other certificates. EAP-TLS is configured on the NAC.
The machine authentication is successful but while user authentication it is unsuccessful and in the event log we find :
A certificate could not be found that can be used with this extensible authentication protocol.
My user certificate is v3 cert with Client Authentication, Server Authentication usage.

21354-image.png

Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,774 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Candy Luo 12,686 Reputation points Microsoft Vendor
    2020-08-31T08:41:55.543+00:00

    Hi ,

    Please first check the following path:

    Check it is issued by which CA and whether the client is the same.

    21476-image.png

    Best Regards,

    Candy

    0 comments