beautypg.com

Configuring automatic certificate issuing, Requesting a server certificate, Configuring automatic certificate issuing -26 – Motorola 2.1 User Manual

Page 40: Requesting a server certificate -26, Procedure 2-7

background image

Chapter 2: Network Setup

5

Verify correct installation of CA services.
Once installation is complete:

• Verify correct installation by opening the Certificates (Local Computer). Click Start |

Run | and type MMC.exe. Press enter.

• Browse to the certificate store by selecting: Console / Add/Remove Snap-in / Add… /

Certificates / Computer Account

.

Result

: The select PC dialog appears.

• Select

Local Computer

.

• Ensure that the new CA certificate is stored in the Trusted Root Certification Authorities

/ Certificates folder. You should see a trusted root certificate called radius.

Click on the personal folder and click on certificates. Delete the auto generated
certificate called radius. We will re-create this later.

6

Verify that the certificate services web interface is functional.
Using another computer on the network, connect to the certificate server's certificate services
interface at URL: http://172.31.0.21/certsrv.

Configuring Automatic Certificate Issuing

Procedure 2-7 describes how to configure whether or not an administrator needs to approve
certificate requests (manual or automatic issuing).

Procedure 2-7

Configuring Automatic Certificate Issuing

1

Open the Certification Authority item by selecting Control Panel / Administrative Tools.

2

Right click on the name of your local root CA server in the tree view and select Properties.

3

Open the Policy Module tab and click the Properties… button.

4

Select the radio button labeled Follow the settings in the certificate template, if applicable.
Otherwise, automatically issue the certificate

from the Request Handling tab.

5

Restart the Certificate Services to have the changes take effect.

• Selecting

Control Panel / Administrative Tools / Services

.

• Select and restart the Certificate Services service.

Requesting a Server Certificate

The procedure to request a certificate for a network server creates a digital certificate for the
RADIUS server to use for EAP-TTLS authentication.

A server certificate signed by our new CA as well as a copy of the trusted root certificate must
be installed on the RADIUS server. Procedure 5-6 describes how to generate a server
certificate. You must have administrator access on this computer to install the certificates in
the local computer store (required).

2-26

See also other documents in the category Motorola Hardware: