다음을 통해 공유


Checklist: Installing a user certificate from floppy disk on an Ethernet client

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Checklist: Installing a user certificate from floppy disk on an Ethernet client

This checklist applies only to Ethernet client computers that use EAP-TLS authentication.

Step Reference

Configure the IAS server for authenticated switch access.

Checklist: Configuring the IAS server for authenticated switch access

Submit a user certificate request using the CA Web enrollment tool and save the certificate to floppy disk.

To save a certificate to floppy disk, submit an advanced certificate request by using the CA Web enrollment tool. You can connect to the CA Web enrollment tool at https://ServerName/certsrv, where ServerName is the name of the Web server at which the certification authority you want to access is located. Click Advanced certificate request, and then click Create and submit a request to this CA.

On the Advanced Certificate Request page, select Export keys to file, and then type a path statement (including file name) in Full path statement. In Additional Options, select the PKCS 10 format, and then click Submit. When prompted, type a password and password confirmation in Create Private Key Password, and then click OK. In Certificate Issued, select DER encoded and Download certificate chain. When prompted, choose to save the file, and then select a location for it. For more information, see Submit an advanced certificate request via the Web to a Windows Server 2003 CA.

Import the user certificate into the certificate store of the computer for which you want to use the certificate.

Insert the floppy disk that contains the user certificate into the floppy drive and run the Certificate Import Wizard. For more information, see Import a certificate.

Note

  • You can configure IAS in Windows Server 2003, Standard Edition, with a maximum of 50 RADIUS clients and a maximum of 2 remote RADIUS server groups. You can define a RADIUS client using a fully qualified domain name or an IP address, but you cannot define groups of RADIUS clients by specifying an IP address range. If the fully qualified domain name of a RADIUS client resolves to multiple IP addresses, the IAS server uses the first IP address returned in the DNS query. With IAS in Windows Server 2003, Enterprise Edition, and Windows Server 2003, Datacenter Edition, you can configure an unlimited number of RADIUS clients and remote RADIUS server groups. In addition, you can configure RADIUS clients by specifying an IP address range.