Hi,
The scenario is the following:
- 2-tier PKI installed at ForestA. 1 stand-alone root CA and 1 enterprise subordinate CA. The servers are Windows 2012 R2. The domain and forest functional levels of ForestA is Windows 2003 R2.
- RADIUS proxy and RADIUS servers located at ForestB. The servers are Windows 2012 R2. The domain and forest functional levels of ForestB is Windows 2008 R2.
- There is no trust relationship between ForestA and ForestB.
- For the wireless environment I need to use PEAP.
I need to get the PEAP certificate from the enterprise subordinate CA for the RADIUS proxy and RADIUS servers.
The questions are:
Is it needed to create a trust relationship between forests? (one-way or two-way?)
What would be the procedure to get the certificates needed for Radius proxy and Radius servers?
Thanks in advance!