Manualshelf

Manual

ManualsBrandsAllied Telesis ManualsComputer HardwareAT-WA7400/EU
251252253254255256257258259260
AT-WA7400 Management Software User’s Guide
253
Obtaining a TLS-EAP Certificate for a Client
Note
If you want to use IEEE 802.1x mode with EAP-TLS certificates for
authentication and authorization of clients, you must have an
external RADIUS server and a Public Key Authority Infrastructure
(PKI), including a Certificate Authority (CA), server configured on
your network. It is beyond the scope of this document to describe
these configuration of the RADIUS server, PKI, and CA server.
Consult the documentation for those products.
Some good starting points available on the web for the Microsoft
Windows PKI software are: “How to Install/Uninstall a Public Key
Certificate Authority for Windows 2000” at http://
support.microsoft.com/default.aspx?scid=kb;EN-US;231881 and
“How to Configure a Certificate Server” at http://
support.microsoft.com/default.aspx?scid=kb;en-us;318710#3.
Wireless clients configured to use either WPA/WPA2 Enterprise (RADIUS)
or IEEE 802.1x security modes with an external RADIUS server that
supports TLS-EAP certificates must obtain a TLS certificate from the
RADIUS server.
This is an initial one-time step that must be completed on each client that
uses either of these modes with certificates. In this procedure, we use the
Microsoft Certificate Server as an example.
To obtain a certificate for a client, perform the following procedure:
1. Go to the following URL in a web browser:
https://
IPAddressOfServer
/certsrv/