Information Technology Reference
In-Depth Information
Configuring computer certificates for client and server authentication
You need to configure the
purpose
of the certificate you will use to support client and server
authentication. To do this, start with the Workstation Authentication certificate template.
EXAM TIP
Some certificates are created with a purpose named all. this kind of certificate is intended
to work for all purposes, but does not work for NpS client authentication or server authen-
tication. Sounds like an exam question to me!
To configure a certificate for use by NPS, follow these steps on the AD CS computer:
1.
Open the Certificate Authority and expand the domain for which you're creating the
certificate.
2.
Right-click Certificate Templates and select Manage from the menu.
In the Certificate Templates Console shown in Figure 4-26, right-click Workstation
Authentication and select Duplicate Template from the menu.
3.
FIGURE 4-26
The Certificate Templates Console
On the General tab, type a new Template Display Name that describes the use of the
certificate, such as
NPS Client-Server Authentication
, and select Publish Certificate
In Active Directory.
4.
Click the Extensions tab shown in Figure 4-27 and then click Edit.
5.
