ECDSA Certificate EAP-TLS issue

[billrettig]

I'm having a terrible time with this. I have an ECDSA cert/key P384 along with it's certification path CA certs in a .p12 file. I have installed the client cert and the CA certs to the proper stores.

Every time I try to connect to my WPA2 network I get an error stating that a proper certificate could not be found. All certificate times are ok.

All help much appreciated

Bill

-----------------------------------
Chev65 - thank you for your interest. Yes, I had done what you have suggested. The interesting thing is that the certificate I installed is ECDSA and neither IE nor wireless will even list the cert as one that can be chosen when trying to authenticate However, IE does list the cert as installed.
I have used this cert to perform EAP-TLS authentication using other systems so I am 99% sure that the problem is not with the cert.

Does anyone know of any issues with Windows 7 and ECDSA certificates? I thought one of the improvements was incorporation of ECC and support for NSA Suite B.

 

[chev65]

Under "Manage wireless Networks" you should be using WPA2 Enterprize instead of WPA2 personal, I'm not sure if you are already doing that or not?

The Advanced settings tab comes up after you switch to "WPA2 Enterprize". This should allow you to use those certificates but there are more choices involved in this process.

When you click on one of the two settings it says "Smart card and other Certificate Properties" or "Microsoft protected EAP (PEAP) . I would look through both of them and try different settings. I'm not sure which setting would work with your particular certificate.

For your EAP-TLS it should be the second one which gets you to the "Protected EAP properties" window. Further down the page it shows "Select Authentication Method" or you can choose "connect to these servers" and type in the name of the server.

I'm not sure which one on the list relates to your ECDSA certificate but one of them should work.

 

[billrettig]

Learning how to use this forum - sorry.

Chev65 - thank you for your interest. Yes, I had done what you have suggested. The interesting thing is that the certificate I installed is ECDSA and neither IE nor wireless will even list the cert as one that can be chosen when trying to authenticate However, IE does list the cert as installed.
I have used this cert to perform EAP-TLS authentication using other systems so I am 99% sure that the problem is not with the cert.

Does anyone know of any issues with Windows 7 and ECDSA certificates? I thought one of the improvements was incorporation of ECC and support for NSA Suite B.

 

[chev65]

This Msoft-Technet page mentions some changes about this cert and Windows 7 compared to Vista. It's a decent check list, hope it helps.

How Smart Card Logon Works in Windows