Applies to: All versions of Centrify DirectControl on all version of Mac
To set up Wi-Fi on Mac with EAP-TLS authentication, certificate is deployed automatically (using GPO) on the Mac.
However, when trying to connect to the Wi-Fi, an error message is received stating "Invalid Password" as shown below:
What could be the possible reasons and what settings can be checked to troubleshoot?
One of the possible reasons is related to the certifcate deployed.
There is a requirement of how EAP-TLS and PEAP works with certificate authentication in AD environment. Please refer to the following Microsoft article, section "Client certificate requirements"
(Note: Centrify will not be responsible for the content or availability and it was provided as a courtesy only)
One important point to note is: "The Subject Alternative Name (SubjectAltName) extension in the certificate contains the user principal name (UPN) of the user."
Please check if the UPN has been added to certificate's SubjectAltName attribute. If it still doesn't work after adding this, please contact Centrify Technical Support team for further investigation.
Note: Centrify does not support PEAP until Centrify Suite 2014.