CA is Not configured as Valid Trust Anchor

Copper Contributor

We've two ADs ( and )in Deployment, Entirely separate and no trust in between. We've integrated these two ADs in our Radius Server as an External Identity Source.
We are using dot1x (PEAP-MSCHAPv2) as an Authentication method to get the endpoints authenticated against the AD.
Now the Problem is Our Radius Server is presenting an EAP Auth certificate which is signed by "" root CA, so the Endpoints/Users which are part of AD are authenticating successfully without an issue, but the Users who are part of "" are not.


They are getting the Error while machine authentication, Refer to the Attached screenshot.


Radius Server Can use only one EAP auth Certificate, signed by any one of the CA (either or

Tried importing root CA to the domain joined machines, didn't work.




0 Replies