Microsoft Windows – TLS with Client Certificate
This page describes steps required to connect a Windows desktop system to a WPA2-Enterprise secured network using TLS authentication with client certificates.
Installing Root CA Certificate
For your windows users to be able to authenticate using a certificate, it is necessary to have the Root CA Certificate in the Trusted Root Certification Authorities repository installed.
Please download the IronWifi Root CA certificate from http://console.ironwifi.com/assets/html/ironwifi.crt and follow instructions.
In the Management Console, go to users profile and click Certificate – generate. A new User Certificate popup dialog will appear asking you to select desired Security level.
After you click on the Continue button, a Certificate Signing Request will be generated and sent to the server to be signed by the IronWifi Certificate Authority. If successful, confirmation notice should be visible in top of the window.
If you are using Internet Explorer or Mobile Safari, your browser does not support this feature and you will have to import downloaded User Certificate manually.
After you import certificate, we can continue and change authentication method in Wireless Network Properties.
Since this is the first time we are connecting to this server and we don’t have the IronWifi Root Certificate imported, we deselect the Validate server certificate check-box. After our initial successful connection, it might be a good idea to turn this option back on.
A small popup window is going to ask which personal certificate should be used for authentication. Select the newly imported certificate and click OK.
Since this is the first time, we are connecting to this network using TLS authentication, an alert window will inform us about unknown certificate. Click Connect to continue or open Details to examine the certificates details.
Last click on the Connect button should connect your system to your protected network.