After issuing a new certificate for a Windows Server 2003 running IAS this error presented itself in the IAS console when trying to configure EAP with the new certificate:
“A certificate could not be found that can be used with this Extensibel Authentication Protocol.”
This was accompanied by these two events in the System Log:
This was the new certificate, based on the default Computer template in Windows:
Notice the empty subject field, IAS/NPS does not accept certificates with empty subject names for use with EAP or Smart Cards. The certificate template that had been used for this certificate was a duplicate of the default Computer template. The template looked like this:
After creating a new template from the default Computer template, now with Subject name format set to Common name, and issuing a new certificate; IAS worked fine.
So don’t use certificate with blank subjects for your IAS/NPS servers…