We worked on a case recently where no users could connect to a wireless network that used an NPS server as its radius server.
When any user tried to connect there was an instant deny in the events on the NPS server with the following reason “The certificate chain was issued by an authority that is not trusted.”
What the issue turned out to be was that the certificate for the NPS server has expired, so we had to get a new cert and apply it to the NPS server in order to resolve this.
You do this by doing the following steps.
Resolution Steps
- Obtain new cert
- Import cert into the personal store of the local computer
- Open the NPS Console
- Expand Policies and go to “Connection Request Policies”
- Select the policy that users use to connect with
- Go to the “Settings” tab
- On EAP Types select “PEAP” and press edit
- Under Certificates Issued select your new cert on the drop down
- On EAP Types select “Smart Card or other certificate” and press edit
- Under Certificates Issued select your new cert on the drop down
- Press ok twice
After this change the errors went away and users could connect to the wireless with no issues J
