There is a published POSH-ACME Deploy script to apply a newly updated LE cert to an NPS instance to update the cert bindings for PEAP. This is needed as otherwise NPS can get it wrong and bind a different cert for use with PEAP and breaking wifi.
Can CtW use such a cert without modification, and if so how ?
Stephen
It’s can’t be used without modification, no. However someone with scripting knowledge could adapt the same approach: Scripting | Certify The Web Docs
The Posh-ACME script looks to have around 4 lines of code that are relevant.
Yeah, I’ve put a wrapper around Set-NPSCertificate, passing in the bits of $result I think it needs.
I’ll see how that gets on.
Using a wrapper wasn’t the best idea as Set-NPSCertificate expects its input to be pipelined in from other PA functions, so I just pulled the guts out into a standalone script and it’s working now in staging.
Great! If it seems to work OK feel free to share your script here 