What's in the subject alternative name on the certificate?
From the help for Test-Certificate:
If the DNSName parameter is used, then the DNS subject alternative name is used to verify SSL policy.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi,
We noticed some issues when it comes to EAP-TLS communications and when we ran the Powershell command "Get-ChildItem -Path Cert:\localMachine\My | Test-Certificate -Policy SSL -DNSName "dns=contoso.com" on the client computer, the computer certificate showed " The certificate's CN name does not match the passed value " error.
The subject certificate was issued by Certificate Authority using the computer template.
Not sure where to look for exactly as the certificate shows the CN as the DNS name of the PC that seems to be correct.
What's in the subject alternative name on the certificate?
From the help for Test-Certificate:
If the DNSName parameter is used, then the DNS subject alternative name is used to verify SSL policy.
The certificate's CN name does not match the passed value " error.
that's because client certificate is not valid/responsible for entire domain, it is valid for particular client host only.
not sure why Microsoft's example shows a dns=contosoc.com!!!
because it is an example. You have to insert your desired name which matches the client host FQDN.
This means that your issues with RADIUS lie elsewhere. It would be better if you start a new thread and provide RADIUS configuration and relevant logs with error. Either, client and/or RADIUS certificate fails validation.