VPN ikev2: Error 798 "A certificate could not be found that can be used with this Extensible Authentication Protocol"

Oscar Alonso 0 Reputation points
2023-06-06T13:34:52.5366667+00:00

Hi,

I have configured an IKEv2 VPN on Windows 10 with EAP-TLS authentication using a user certificate issued by our private CA.

However, when I try to connect, I first get the error "798: A certificate could not be found that can be used with this Extended Authentication Protocol."

Then, when I retry, it prompts me for the password corresponding to the private key of the certificate and the connection is successful.

I have tried to establish the connection using rasdial, and the issue occurs every time I close the dialer and reopen it.

I have checked the CAPI2 event log, and there is an event ID 70 (task category "Acquire certificate's private key") associated with the rasphone.exe process, with the error "Too many posts have been made to a semaphore" (value 12A).

How can I avoid getting this annoying error?

Thanks in advance.

Best regards,

Oscar

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
12,078 questions
Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,386 questions
Windows Network
Windows Network
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Network: A group of devices that communicate either wirelessly or via a physical connection.
830 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 44,541 Reputation points
    2023-06-07T13:08:42.22+00:00

    Hello

    Thank you for your question and reaching out.

    1. Please open Certificate Manager: Click Start, type manage computer certificates, and then click manage computer certificates in the search result.
    2. Go to C:\Users<UserName>\AppData\Roaming\Microsoft\Network\Connections\Cm<GUID>, Try to manually install the certificate (*.cer file) on the user and computer certificate store.

    --If the reply is helpful, please Upvote and Accept as answer--


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.