- This topic has 21 replies, 6 voices, and was last updated 2 years, 11 months ago by .
- You must be logged in to reply to this topic.
Tagged: 802.1x
Why should it renew the cert? Is it expired?
It will earliest renew a cert if the life time is half way done.
CG
yes, the expiry was set to 1 year and now its almost near to the expiry.
Are you still using WMS 1.4?
WMS, wnos.ini or WMS Advanced section?
ThinOS 8 or 9?
Post your config.
CG
I am using WMS 1.4, thinOs 8. below are the configurations I used
INI:
ScepAutoEnroll=yes \
AutoRenew=yes \
CommonName=$TN Organization=WyseDevice \
KeyUsage=digitalSignature;keyEncipherment \
KeyLength=2048 \
RequestURL=pki.***/certsrv/mscep/mscep.dll \
CACertHashType=MD5 \
CACertHash=0B***F \
ScepAdminURL=pki.***/certsrv/mscep_admin \
ScepUser=_svc_wysedevicejoin \
ScepUserDomain= ****\
ScepUserPwd=**** \
IEEE8021X=yes network=wired access=WPA-ENT ServerValidate=yes eap=yes eaptype=EAP-TLS tlsclntcert=$TN.pfx tlsauthtype=machine \
subAltName=$TN
Hello All,
I was finally able to get it working correctly, by making sure the NDES services wasn’t running on the CA. Once I moved the role to its own server, the SCEP client renewed its certificate as expected.
The annoying part is SCEP works the first time with the NDES running on the CA but the renewal mechanism does not work. I even pointed the client I had auto-renew back to my original CA and it wouldn’t renew the cert. (I set the Cert to only have a 1 hour expiry during this test)
Hope this helps.
Thanks for letting us know.
I will add this to my PDF.
CG
That’s a great find and helpful for me to look at root cause between our old server and the new one we built that got this working.
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |