I would like to create a certificate system to add security to a small business wireless network. I understand that certificates can be used as authentication on a WLAN. Does anyone know how to do this??
Asked
Active
Viewed 266 times
1 Answers
5
You can use any X.509 client authentication certificate as long as your authentication source trusts them. Basically, you need a few things:
A way to make the certificates. The easiest way to do this if you're in a Windows environment is with Active Directory Certificate Services.
A way to distribute the certificates. You can do this via auto-enrollment/GPO.
A way to authenticate the client certificates. If you're a Windows shop, you can use the NPS role to make a server act as a RADIUS server. You'll then point your APs or Wireless LAN Controller to use this server as an authentication source. You then configure the NPS server to trust these certs.
You need APs that support authenticating against a RADIUS authentication source.
These are all very detailed things. I suggest you get to reading about each step and ask individual and specific questions about any problems that you might run into during your testing. "Help me do this from scratch" is far too broad.
TL;DR You need hardware that supports it. You need a way to generate certificates. You need an authentication source that can use those certificates.
