Posts

Showing posts from April, 2013

Dilbert on Firewalls

Image
On of the tasks I routinely do at work involves firewalls.  Create configurations for them, Administer them, design deployment strategies for them.

Scott Adams posted this, this week.


It neatly summarizes the sentiment the guy deploying the firewall has.

Creating a Self Signed Certificate for NPS for testing

Recently I had need to create a test RADIUS server, using NPS (Network Policy Server).  In order to create PEAP policies, you need a certificate issued to the NPS server.

The correct way to put a certificate on the server is to Issue a real certificate to the NPS server from a real register such as Verisign, or Entrust.

You can also issue a certificate from your own CA authority.

Neither of these options are quick or easy.

What if you just need a certificate to see if something works.

Here's how to do that.

First download from Microsoft the IIS 6.0 Resource kit tools. Included in this tool kit is SelfSSL.  A tool created by Microsoft to issue and install a self-signed SSL certificate.

Launch SelfSSL from Start >Programs > IIS Resources > SelfSSL > SelfSSL (Note: You must run SelfSSL elevated as an Administrator)


Type in the following command to generate a new certificate of key length 1024 with a validity period of 10 years (3652 days):
selfssl.exe /N:CN=fqdn.of.radius.…