Windows – TLS

Microsoft Windows – TLS with Client Certificate

This page describes steps required to connect a Windows desktop system to a WPA2-Enterprise secured network using TLS authentication with client certificates.

Installing Root CA Certificate

For your windows users to be able to authenticate using a certificate, it is necessary to have the Root CA Certificate in the Trusted Root Certification Authorities repository installed.

Please download the IronWifi Root CA certificate from and follow instructions.










Configuring Windows Client

In the Management Console, go to users profile and click Certificate - generate. A new User Certificate popup dialog will appear asking you to select desired Security level.


TLS Certificate Signing Request


After you click on the Continue button, a Certificate Signing Request will be generated and sent to the server to be signed by the IronWifi Certificate Authority. If successful, confirmation notice should be visible in top of the window.

If you are using Internet Explorer or Mobile Safari, your browser does not support this feature and you will have to import downloaded User Certificate manually.

TLS Client Certificate Import Success


After you import certificate, we can continue and change authentication method in Wireless Network Properties.


TLS Network Security Settings


Since this is the first time we are connecting to this server and we don't have the IronWifi Root Certificate imported, we deselect the Validate server certificate check-box. After our initial successful connection, it might be a good idea to turn this option back on.

Certificate Properties


A small popup window is going to ask which personal certificate should be used for authentication. Select the newly imported certificate and click OK.


Select Client Certificate


Since this is the first time, we are connecting to this network using TLS authentication, an alert window will inform us about unknown certificate. Click Connect to continue or open Details to examine the certificates details.


Server Certificate Warning


Last click on the Connect button should connect your system to your protected network.


TLS Connection Successful