Up the client for tls, Setting up the, Client for tls authentication – Intel 3945ABG User Manual
Page 117: Obtain and install a client certificate. refer to, Set up the client for tls authentication
How to Obtain a Client Certificate
If you do not have any certificates for EAP-TLS (TLS) or EAP-TTLS (TTLS) you must obtain a
client certificate to allow authentication.
Certificates are managed from either Internet Explorer or the Microsoft Windows Control Panel.
Microsoft Windows XP and Microsoft Windows 2000: When a client certificate is obtained,
do not enable strong private key protection. If you enable strong private key protection for a
certificate, you need to enter an access password for the certificate every time this certificate is
used. You must disable strong private key protection for the certificate if you configure the
service for TLS or TTLS authentication. Otherwise, the 802.1x service fails authentication
because there is no logged in user to provide the required password.
Notes about Smart Cards
After a Smart Card is installed, the certificate is automatically installed on your computer and is
chosen from the personal certificate store and root certificate store.
Set up the Client for TLS authentication
Step 1: Obtain a certificate
To allow TLS authentication, you need a valid client certificate in the local repository for the
logged-in user's account. You also need a trusted CA certificate in the root store.
The following information provides two methods for obtaining a certificate:
●
From a corporate certification authority (CA) implemented on a Windows 2000 server.
●
Import a certificate from a file with Internet Explorer's certificate import wizard.
If you do not know how to obtain a user certificate from the CA, consult your administrator for
the procedure.
To install the CA on the local machine:
1. Obtain the CA and store it on your local drive.
2. Click Import. The Certificate Import Wizard opens.
3. Click Next.
4. Click Browse to locate the certificate on your local drive.
5. Click the exported certificate.
6. Click Open.
7. Click Next.
8. Click Place all certificates in the following store.
9. Click Browse to open the Select Certificate Store.
10. Click Show physical stores.