I know many of you are using EAP-TLS and CloudPath on boarding.
We have ran in to an issue where some Windows 8 and 10 machines will say
the server said the certificates are revoked, but they are not revoked.
We have checked the things like time being correct. We did discover the
command 'certutil -f –urlfetch -verify cert_name.cer' will work just
fine on Windows 7, but crashes on Windows 8 and Windows 10. The event
viewer is showing these errors.
"The certificate received from the remote server has been revoked. This
means that the certificate authority that issued the certificate has
invalidated it. The SSL connection request has failed. The attached data
contains the server certificate." -- Attached is the root CA.
"A fatal alert was generated and sent to the remote endpoint. This may
result in termination of the connection. The TLS protocol defined fatal
error code is 44. The Windows SChannel error state is 552."
I have tried googling the problem and and have come up empty.
CouldPath has told our security admin that our university seems to be
the only one having this issue.
Makes me wonder if our certs are being generated with incorrect settings
for Windows 8 and Windows 10.
What algorithm and key length are you using?
Any suggestions?
Kevin McCormick
uTech Network Services
Western Illinois University
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
