Step 8: Installing User Certificates On Wireless Client Computers For Eap-Tls; Submit A User Certificate Request Via The Web; Request A Certificate - Extreme Networks Summit WM Technical Reference Manual
Version 5.1
Hide thumbs
Also See for Summit WM:
- Installation instructions (1 page) ,
- Getting started manual (126 pages) ,
- Maintenance manual (130 pages)
Table of Contents
Advertisement
The enterprise organization's information technology (IT) group can install a computer certificate before
the computer, typically a laptop, is delivered to its user.
For information about CAPICOM, search for "CAPICOM" at
Step 8: Installing User Certificates on Wireless Client
Computers for EAP-TLS
For user authentication with EAP-TLS, you must use a locally installed user certificate or a smart card.
The locally installed user certificate must be obtained through autoenrollment, Web enrollment, by
requesting the certificate using the Certificates snap-in, by importing a certificate file, or by running a
CAPICOM program or script.
The easiest methods of installing user certificates assume that network connectivity already exists, such
as using an Ethernet port. When the user connects to the intranet, they can obtain a user certificate
through autoenrollment or by submitting a user certificate request using Web enrollment or the
Certificate Manager. For more information about requesting a user certificate, see the "Submit a user
certificate request via the Web" and "Request a certificate" procedures in this section.
Alternately, the user can run a CAPICOM program or script provided by the network administrator.
The execution of the CAPICOM program or script can be automated through the user logon script.
If you have configured autoenrollment of user certificates, then the wireless user must update User
Configuration Group Policy to obtain a user certificate.
If you are not using autoenrollment for user certificates, use one of the following procedures to obtain a
user certificate.
Submit a user certificate request via the Web
1 Open Internet Explorer.
2 In Internet Explorer, connect to http://servername/certsrv, where servername is the name of the
Windows 2000 Web server where the CA you want to access is located.
3 Click Request a certificate, and then click Next.
4 On the Choose Request Type Web page, under User certificate request, select the type of certificate
you want to request, and click Next.
5 Do one of the following from the Identifying Information Web page: If you see the message "All the
necessary identifying information has already been collected. You may now submit your request,"
click Submit. Enter your identifying information for the certificate request, and click Submit.
6 If you see the Certificate Issued Web page, click Install this certificate
7 Close Internet Explorer
Request a certificate
1 Open an MMC console that contains Certificates – Current User.
2 In the console tree, right-click Personal, then point to All Tasks, and then click Request New
Certificate to start the Certificate Request wizard.
Summit WM Technical Reference Guide, Software Version 5.1
.
http://msdn.microsoft.com/
49
Advertisement
Table of Contents
