Microsoft KB Archive/871222

= You receive an error message when you try to configure a new remote access policy in IAS on a Windows Server 2003-based computer =

Article ID: 871222

Article Last Modified on 10/30/2006

-

APPLIES TO


 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows Server 2003, Web Edition

-





SYMPTOMS
When you try to configure a new remote access policy in Internet Authentication Service (IAS) on a Microsoft Windows Server 2003-based computer, you may receive the following error message:

A certificate could not be found that can be used with this Extensible Authentication Protocol.



CAUSE
This issue occurs if a server authentication certificate that is obtained from a stand-alone certification authority (CA) is configured with incorrect parameters.



RESOLUTION
To resolve this issue, make sure that the correct key option parameters are configured in the server authentication certificate. To do this, follow these steps:  Start Microsoft Internet Explorer. On the Address bar, type http:// /CertSrv, and then click Go. On the Welcome page, click Request a certificate under Select a task. On the Request a Certificate page, click Advanced certificate request. On the Advanced Certificate Request page, click Create and submit a request to this CA. Make sure that the correct parameters are configured under Key Options. To do this, follow these steps: <ol style="list-style-type: lower-alpha;"> Click Create New key set.</li> In the CSP box, click Microsoft RSA SChannel Cryptographic Provider.</li> In the Key Size box, type 1024 .</li> Click Automatic key container name.</li> Click to select the Store Certificate in the local computer certificate store check box.</li> Click Submit.</li></ol> </li></ol>

<div class="references_section">