Windows Security Alert appears when connecting to a wireless network on a workgroup machine

Article ID: 2518158 - View products that this article applies to.
Expand all | Collapse all

Symptoms

While connecting to a wireless network on a Windows system that is part of a workgroup, a Windows Security Alert dialog similar to the following may be displayed:

The server “<Authentication server>” presented a valid certificate issued by “<CA name>”, but “<CA name>” is not configured as a valid trust anchor for this profile. Further, the server “<Authentication server>” is not configured as a valid NPS server to connect to this profile.

or

The server “<Authentication server>” presented a valid certificate issued by “<CA name>”, but “<CA name>” is not configured as a valid trust anchor for this profile.

If you click the Connect button on the dialog box, the wireless connection will be established successfully. 

Back to the top | Give Feedback

Cause

To validate the server certificate, Windows will check if the second element in the chain, the Certification Authority (CA) that issued the end certificate, is a trusted CA for Windows NT Authentication. A CA is considered to be trusted if it exists in the "NTAuth" system registry store found in the CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE store location. If this verification fails, either of the warning messages in the Symptoms section could occur. By default, the CA certificate is not in the NTAuth store on a Windows system that is part of a workgroup.

Back to the top | Give Feedback

Resolution

To workaround the issue, you can export the certificate of the CA that issued the certificate to the authentication server to a file. Copy the file to the workgroup machine and then run the following command from an elevated Command Prompt:

certutil -enterprise -addstore NTAuth CA_CertFilename.cer

Back to the top | Give Feedback

More Information

About How to import third-party certification authority (CA) certificates into the Enterprise NTAuth store, please refer to http://support.microsoft.com/kb/295663
Back to the top | Give Feedback
Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use
(http://go.microsoft.com/fwlink/?LinkId=151500)
for other considerations.
Back to the top | Give Feedback

Properties

Article ID: 2518158 - Last Review: May 20, 2011 - Revision: 3.0
APPLIES TO
  • Windows 7 Enterprise
  • Windows 7 Professional
  • Windows 7 Ultimate
  • Microsoft Windows XP Professional
  • Microsoft Windows XP Professional x64 Edition
  • Windows Vista Business
  • Windows Vista Business 64-bit Edition
  • Windows Vista Enterprise
  • Windows Vista Enterprise 64-bit Edition
  • Windows Vista Ultimate
  • Windows Vista Ultimate 64-bit Edition
  • Windows 7 Home Basic
  • Windows 7 Home Premium
  • Windows 7 Starter
  • Microsoft Windows XP Home Edition
  • Windows Vista Home Basic
  • Windows Vista Home Basic 64-bit Edition
  • Windows Vista Home Premium
  • Windows Vista Home Premium 64-bit Edition
  • Windows Vista Starter
Keywords: 
KB2518158
Back to the top | Give Feedback

Give Feedback

 
Back to the topBack to the top