Windows – TLS

Microsoft Windows – TLS with Client Certificate

This page describes steps required to connect a Windows desktop system to a WPA2-Enterprise secured network using TLS authentication with client certificates.

Installing Root CA Certificate

For your windows users to be able to authenticate using a certificate, it is necessary to have the Root CA Certificate in the Trusted Root Certification Authorities repository installed.

Please download the IronWifi Root CA certificate from http://console.ironwifi.com/assets/html/ironwifi.crt and follow instructions.


cert_import1

cert_import2

cert_import3

cert_import4

cert_import5

cert_import6

cert_import7

cert_import8

cert_import9

Configuring Windows Client


In the Management Console, go to users profile and click Certificate – generate. A new User Certificate popup dialog will appear asking you to select desired Security level.

 

TLS Certificate Signing Request

 

After you click on the Continue button, a Certificate Signing Request will be generated and sent to the server to be signed by the IronWifi Certificate Authority. If successful, confirmation notice should be visible in top of the window.

If you are using Internet Explorer or Mobile Safari, your browser does not support this feature and you will have to import downloaded User Certificate manually.

TLS Client Certificate Import Success

 

After you import certificate, we can continue and change authentication method in Wireless Network Properties.

 

TLS Network Security Settings

 

Since this is the first time we are connecting to this server and we don’t have the IronWifi Root Certificate imported, we deselect the Validate server certificate check-box. After our initial successful connection, it might be a good idea to turn this option back on.

Certificate Properties

 

A small popup window is going to ask which personal certificate should be used for authentication. Select the newly imported certificate and click OK.

 

Select Client Certificate

 

Since this is the first time, we are connecting to this network using TLS authentication, an alert window will inform us about unknown certificate. Click Connect to continue or open Details to examine the certificates details.

 

Server Certificate Warning

 

Last click on the Connect button should connect your system to your protected network.

 

TLS Connection Successful