Got a new cert for our NPS server that was previously working fine until the old cert expired. Now getting reason code 300, which seems to indicate a malformed cert but can't get any additional details aboutwhat is malformed. I followed NPS Cert guidelines here, and have regenerated the cert more than once to make sure I'm not missing anything.
https://msdn.microsoft.com/en-us/library/cc731363.aspx
Network Policy Server denied access to a user.Contact the Network Policy Server administrator for more information.
User:
Security ID: user
Account Name: user
Account Domain: domain
Fully Qualified Account Name: domain/user
Client Machine:
Security ID: NULL SID
Account Name: -
Fully Qualified Account Name: -
OS-Version: -
Called Station Identifier: 24-C9-A1-CA-70-78:Wireless.Test
Calling Station Identifier: 58-3F-54-ED-EC-03
NAS:
NAS IPv4 Address: 10.xx.xx.xx
NAS IPv6 Address: -
NAS Identifier: 24-C9-A1-CA-70-78
NAS Port-Type: Wireless - IEEE 802.11
NAS Port: 63
RADIUS Client:
Client Friendly Name: controller
Client IP Address: 10.xx.xx.xx
Authentication Details:
Connection Request Policy Name: Secure Wireless Connections
Network Policy Name: -
Authentication Provider: Windows
Authentication Server: radiusserver.local
Authentication Type: PEAP
EAP Type: -
Account Session Identifier: -
Logging Results: Accounting information was written to the local log file.
Reason Code: 300
Reason: No credentials are available in the security package