Fixing a Bad Always On VPN Certificate

Tags VPN

Fixing a Bad Always On VPN Certificate

  1. Open the Run App on the computer
    1. Open the Windows Start Menu
    2. Type in Run in the search field
    3. Open the Run App
  2. In the Open dialogue box type certmgr.msc then click OK
  3. In Certificates - Current User go click on the Personal folder
  4. Click on the Certificates folder
  5. Delete the Certification issued to User’s Username issued by HACC Issuing CA
    1. Example - Issued To: AJWITKOW     Issued By: HACC Issuing CA
  6. Close certmgr
  7. Open the Run App on the computer
  8. In the Open dialogue box type certlm.msc then click OK
  9. In Certificates – Local Computer click on the Personal folder
  10. Click on the Certificates folder
  11. Delete the Certification issued to user’s device name by HACC Issuing CA
    1. Example - Issued To: HBS107X99APL, Issued By: HACC Issuing CA
    2. Example - Issued To: HBS107X99APL.ad.hacc.edu, Issued By: HACC Issuing CA
  12. Open Software Center
  13. Click On “WIN10 VPN 3.0 - WIN10 VPN 3.0” and click “Reinstall”
  14. Open Control Panel
  15. Click on “Network and Sharing Center” then click on “Change adapter settings”
  16. Locate the HACC Always On VPN adapter
  17. Right‐click on the adapter and choose Properties
  18. Click on the Security tab – insure Use Extensible Authentication Protocol (EAP) is selected – Click on Properties
    1. Note which Trusted Root Certification Authorities are select COMODO RSA is not always there but if it is make a note of it
  19. In the Select Authentication Method: section, click on Configure
    1. Within Trusted Root Certification Authorities make sure all HACC Root CA are selected
  20. Click on the Advanced button
  21. In the Configure Certificate Selection make sure the changes below are made
    1. Select Certificate Issuer
    2. Select HACC Root CA
    3. If COMODO RSA is present make sure it is selected
  22. In the Intermediate Certification Authorities section (scroll down within Configure Certificate Selection)
    1. Select HACC Issuing CA
    2. Select HACC Root CA
  23. Click OK four times
  24. Restart computer – Verify VPN connects automatically