This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(3.2, 42%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EWW%3C/text%3E%3C/svg%3E)
Dear experts,
Recently we face an issue in Windows 10 for computer certificate EAP-TLS authentication.
We are using computer certificate for EAP-TLS authentication, we already downloaded computer certificate in local,then we installed computer certificate by below command:
CertUtil -addstore My %cert_file%
We can install the computer certificate successfully, but when we tried to connect with the WI-FI by EAP-TLS method, it failed to connect with the WI-FI.
We checked the RADIUS server and found the reason may relate to the username, the username always like "host/username" and the error in RADIUS shows "Endpoint abandoned EAP session and started new". We think if we can get rid of "host/" for the username, we may resolve this problem.
I also tried install the computer certificate manually, it is working well after install and do not have "host/username" issue. Is there any command that can install computer certificate in windows 10 just like manually install?
(certreq -accept -machine %cert_file% command also tired, it may working well on older version but not in windows 10)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 23%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
You can use certutil.exe to dump and display certification authority (CA) configuration information, configure Certificate Services, backup and restore CA components, and verify certificates, key pairs, and certificate chains.
Thanks a lot for your replay.
I checked that I have certutil.exe in the following path:
• C:\Windows\system32\
• C:\Windows\WinSxS\amd64_microsoft-windows-certutil_31bf3856ad3
And I use "CertUtil.exe -addstore My XXX.cer" command to install certificate in computer personal store.
It is still same as before : We can install the computer certificate successfully, but when we tried to connect with the WI-FI by EAP-TLS method, it failed to connect with the WI-FI.
Could you pls kindly share the method OR the command to install computer certificate by certutil.exe ?
“certreq -accept -machine %cert_file%”
This command can install the computer certificate and the certificate can be used for EAP-TLS authentication.
Just one point need to be pay attention:
When create CSR for computer certificate MachineKeySet must be set as True "MachineKeySet = Ture".
If "MachineKeySet = False" “certreq -accept -machine %cert_file%” will get error.
