Windows Certificate Store vs. Certs Path
Note: It is important that all dates are correct on the HX2 and host computers when using any type of certificate. Certificates
are date sensitive and if the date is not correct authentication will fail.
User Certificates
EAP-TLS authentication requires a user certificate. The user certificate must be stored in the Windows certificate store.
l To generate the user certificate, see Generating a User Certificate.
l To import the user certificate into the Windows certificate store, see Installing a User Certificate.
l A Root CA certificate is also needed. Refer to the section below.
Root CA Certificates
Root CA certificates are required for EAP/TLS, PEAP/GTC and PEAP/MSCHAP. Two options are offered for storing these
certificates. They may be imported into the Windows certificate store or copied into the Certs Path directory.
How To: Use the Certs Path
1. See Generating a Root CA Certificate and follow the instructions to download the Root Certificate to a PC.
2. Copy the certificate to specified directory on the mobile device. The default location for Certs Path is \System. A
different location may be specified by using the Certs Path global variable. Please note the location chosen for
certificate storage should persist after a reboot.
3. When completing the Credentials screen for the desired authentication, do not check the Use MS store checkbox after
checking the Validate server checkbox.
4. Enter the certificate name in the CA Cert textbox.
5. Click OK to exit the Credentials screen and then Commit to save the profile changes.
How To: Use Windows Certificate Store
1. See Generating a Root CA Certificate and follow the instructions to download the Root Certificate to a PC.
2. To import the certificate into the Windows store, See Installing a Root CA Certificate.
3. When completing the Credentials screen for the desired authentication, be sure to check the Use MS store checkbox
after checking the Validate server checkbox.
4. The default is to use all certificates in the store. If this is OK, skip to the last step.
5. Otherwise, to select a specific certificate click on the Browse (…) button.
6-22