After issuing a new certificate for a Windows Server 2003 running IAS this error presented itself in the IAS console when trying to configure EAP with the new certificate:
“A certificate could not be found that can be used with this Extensibel Authentication Protocol.”
This was accompanied by these two events in the System Log:
This was the new certificate, based on the default Computer template in Windows:
Notice the empty subject field, IAS/NPS does not accept certificates with empty subject names for use with EAP or Smart Cards. The certificate template that had been used for this certificate was a duplicate of the default Computer template. The template looked like this:
After creating a new template from the default Computer template, now with Subject name format set to Common name, and issuing a new certificate; IAS worked fine.
So don’t use certificate with blank subjects for your IAS/NPS servers…
Thx. for your rec. Solved my problem.
Thank you very much!!! I worked for days on a CA related issue and eventually had the feeling that something must have been wrong with the cert. template – and THAT WAS IT! Thanks to you I got 802.1X authentication finally to work!
I messed around with this forever and this solve my problem. Thanks