This page follows the discovery and remediation of the SSL Negotiation issues occuring for Chrome 38 Users after the Microsoft Patch KB2992611 (Winshock) was deployed.
I’m going to building up a 3 part series that will cover all the parts that you need you 802.1x Authentication working. I’ll be using Microsoft’s NAPS roll on server 2012 so that we can use AD authentication.
All the servers will be running Windows Server 2012
I won’t be covering how to install windows. Rather here is a list of servers that you will need to have ready to go as we enter each section.
Part 1) Certificate PKI Environment.
2 x Windows Server 2012 Data Center Edition servers.
2x Windows Server 2012 Standard Edition server.
We’ll cover building an offline root CA and 2 node clustered Sub-CA.
The Domain controller will need to be pre-installed. Nothing special just a basic install and promotion.
Part 2) NAPS Role and Server side configuration.
2x Windows Server 2012 Standard Edition servers.
We’ll cover how to install the role and configure it ready for our switches to connect.
Part 3) Configuring the switches and creating required GPO’s.
1x Cisco switch (This will work on other devices but, I’m using Cisco)
1x Physical testing machine (laptop or computer) (I’ll show Linux and Windows here)
1x Your favourite VM software for advanced testing.