We have a couple of Windows Server 2008 R2 NPS servers that are connected to our Cisco Wireless LAN Controller 5508 for SSID security, and that works great. But we want to implement BYOD (non-domain devices) with one of the above SSIDs using Active Directory user authentication, which works, but it complains about the certificate not being signed. We would like to validate the certificates to ease our users' sign-on problems. Our domain is a local domain, so there isn't a way to buy a valid certificate for a local domain that I am aware of. Is there another way to solve this certificate issue? We own a couple of different public domain names, so is there some way to utilize one of them? I have been searching for a solution but haven't found anything yet. I heard from one of our vendors that I might be able to utilize a Federation Server, but the process to make that work is very complicated. I am willing to give any method a try if I can find some sort of documentation on making it work.
Thanks in advance for any advice.