No announcement yet.

Certificate not renewing automatically

  • Filter
  • Time
  • Show
Clear All
new posts

  • Certificate not renewing automatically

    We use a Windows NPS server for our Wireless authentication. When it was first setup the NPS server was a domain controller but we later removed the DC role from it as that wasn't necessary for its function. But we've found after doing that the certificate on the server that it gets from the forrest root doesn't renew like the ones on the DCs. It won't even let you renew it manually gives some sort of user unauthorized error. FOr now to get the Wireless working I just promoted it to a DC again. That updated the cert as part of that. Is there a way of getting the cert to update automatically on a non DC?

  • #2
    Your problem may be that the cert was originally given to that server when it was a DC, which means it may not be valid for the type of activity after the DC role is removed. Rather than trying to renew the existing cert, remove the DC role again, throw away the old cert and request a new one from your CA, based on the template for your NPS function.
    MSCA (2003/XP), Security+, CCNA

    ** Remember: credit where credit is due, and reputation points as appropriate **


    • #3
      Yea I think you're right. But we removed the DC role 6 months ago and it worked with the old DC cert till it expired. I think it just wouldn't renew because it was no longer a DC. What I don't know and I'm trying to figure out how to test is if I do remove the DC role and the associated cert and request a new one will the clients wireless connections work with the new one or will I have to bring in every laptop and somehow get the new cert on them via a Cable connection before they will authenticate wirelessly.