Aug 11 2022
we have an NPS for authenticating AoVPN users with PEAP.
We use a RADIUS server certificate from an internal PKI (AD CS) on the NPS. The certificate is auto renewed.
Autorenewal works as expected, but in some cases the NPS does not use the renewed certificate, but another certificate installed on the server.
Sometimes the renewal works as expected, but sometimes it does not.
It seems to be an old problem, see also NPS selects wrong certificate after auto-renewal - Windows Server (spiceworks.com)