Microsoft Knowledge Base Email Alertz
All KB/RSS Links  |  Hot Kb!  |  New Kb!  |  Scott Cate  |  FAQ / KB  |  Web Hosting  |  Unsubscribe  

EAP methods such as EAP-TLS and PEAP-TLS can cause EAPHost or RASMAN services to stop responding

Search KbAlertz

Advanced Search

Receive Microsoft Knowledge Base articles by E-Mail?

Every night we scan the Microsoft Knowledge Base. If technologies you're interested in are updated, we'll send you an e-mail. You only get one e-mail a day, and only when new articles are added.
Click here to create a
FREE account
Already have an account?
[Click here to Login]











Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks
Article ID: 982731 - Last Review: August 30, 2010 - Revision: 2.0

EAP methods such as EAP-TLS and PEAP-TLS can cause EAPHost or RASMAN services to stop responding

View products that this article applies to.

SYMPTOMS

Windows Extensible Authentication Protocol (EAP) methods that use certificates that have strong private key protection sometimes cause the Extensible Authentication Protocol Host (EAPHost) service or the RASMAN service to stop responding. Such EAP methods include Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) and Protected Extensible Authentication Protocol-Transport Layer Security (PEAP-TLS).
Back to the top

CAUSE

This problem occurs when the certificate that is used by EAP-TLS or by PEAP-TLS for user authentication has to start a user interface. A certificate of this kind cannot be used for EAP authentication in Windows. However, Windows cannot completely filter out these kinds of certificates.
Back to the top

WORKAROUND

To work around this issue, do not use certificates for EAP-TLS or PEAP-TLS authentication in Windows if those certificates have strong private key protection or display a user interface. For more information about the requirements for EAP authentication, click the following article number to view the article in the Microsoft Knowledge Base:  
814394  (http://kbalertz.com/Feedback.aspx?kbNumber=814394/ ) Certificate requirements when you use EAP-TLS or PEAP with EAP-TLS
For more information about how to deploy EAP, download the following white paper from the Microsoft Download Center: 
Deployment of IEEE 802.1X for Wired Networks Using Microsoft Windows (http://download.microsoft.com/download/b/0/e/b0e2a363-0044-4327-8f17-020818f57234/wired_depl.doc)
Back to the top
APPLIES TO
  • Windows Server 2008 Datacenter
  • Windows Server 2008 Enterprise
  • Windows Server 2008 Standard
Back to the top
Keywords: 
kbprb kbsurveynew kbpubtypekc kbtshoot kbexpertiseadvanced kbcertservices kbdigitalcertificates KB982731
Back to the top
        

Community Feedback System

Very often, it takes hours to solve a problem. Very often, you've looked high and low, and have tried a lot of solutions. When you finally found it, chances are, it was because someone else helped you. Here's your chance to give back. Use our community feedback tool to let others know what worked for you and what didn't.

Please also understand that the community feedback system is not warranted to be correct, it's simply a system that we've built to let people try and help each other. If something in a feedback response doesn't make sense to you, or you're not comfortable making changes that the feedback talks about (like registry edits), please consult a professional.

Thank you for using kbAlertz.com Feedback System.

-- Scott Cate

Copyright © 2002-2007 KBALERTZ.COM.  All Rights Reserved. Terms / PrivacyDiscount ASP.NET Hosting