
Creating a Self-Signed Certificate for NPS for Testing

Recently I had a need to create a test RADIUS server, using NPS (Network Policy Server). In order to create PEAP policies, you need a certificate issued to the NPS server.

The correct way to put a certificate on the server is to issue a real certificate to the NPS server from a real certificate authority such as Verisign or Entrust.

You can also issue a certificate from your own CA.

Neither of these options is quick or easy.

What if you just need a certificate to see if something works?

Here's how to do that.

First, download the IIS 6.0 Resource Kit Tools from Microsoft. The kit includes SelfSSL, a tool created by Microsoft to issue and install a self-signed SSL certificate.

Launch SelfSSL from Start > Programs > IIS Resources > SelfSSL > SelfSSL. (Note: You must run SelfSSL elevated, as an Administrator.)


Type in the following command to generate a new certificate of key length 1024 with a validity period of 10 years (3652 days):
selfssl.exe /N:CN=fqdn.of.radius.server /K:1024 /V:3652


You'll be prompted to overwrite the settings for site 1; answer yes. The certificate will now be in the local computer certificate store.

That's it. It's installed in the right place, and it's enabled.

Of course, your end devices will not trust the certificate, so you will need to export the certificate and load it onto the devices as a trusted CA.
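
One way to check the new certificate and export it for the end devices, as an added example that is not part of the original post: it reports the properties that matter for PEAP and writes out only the public certificate, so the private key never leaves the NPS server. The variable names, the function name and the output path are assumptions; run it elevated on the NPS server.

```powershell
# Added example. $Fqdn and $OutFile are assumed values; adjust them to your server.
$Fqdn    = 'fqdn.of.radius.server'                   # placeholder CN from the selfssl command
$OutFile = Join-Path $env:TEMP 'nps-selfsigned.cer'  # hypothetical output path

# Hypothetical helper: summarise the properties worth checking before distribution.
function Get-NpsTestCertReport {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)

    # Collect the EKU OIDs; a PEAP server certificate needs Server Authentication.
    $eku = $Cert.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
        ForEach-Object { $_.EnhancedKeyUsages } |
        ForEach-Object { $_.Value }

    [pscustomobject]@{
        Subject       = $Cert.Subject
        Thumbprint    = $Cert.Thumbprint      # compare with what the client shows on import
        SelfSigned    = ($Cert.Subject -eq $Cert.Issuer)
        HasPrivateKey = $Cert.HasPrivateKey   # must be True on the NPS server itself
        ServerAuthEku = ($eku -contains '1.3.6.1.5.5.7.3.1')
        KeySizeBits   = $Cert.PublicKey.Key.KeySize
        Below2048Bits = ($Cert.PublicKey.Key.KeySize -lt 2048)  # True for a /K:1024 key
        NotAfter      = $Cert.NotAfter
    }
}

# Newest certificate in the local computer Personal store with the expected subject.
$cert = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Subject -eq "CN=$Fqdn" } |
    Sort-Object NotBefore -Descending |
    Select-Object -First 1
if (-not $cert) { throw "No certificate with subject CN=$Fqdn found in LocalMachine\My" }

Get-NpsTestCertReport -Cert $cert | Format-List

# Export the certificate only (DER encoded, no private key) for the end devices.
$bytes = $cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert)
[System.IO.File]::WriteAllBytes($OutFile, $bytes)
Write-Output "Public certificate written to $OutFile"
```

The resulting .cer file is what gets loaded onto the devices; a .pfx export is not needed for client trust and would carry the server's private key with it.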
