Hi,
we have some ACS Deployments and they work good for us. But after the EoL announcement of the ACS we began to test the ISE. Much to our surprise we found out, that the ISE obviously don't support certificate-based user authentication against the internal user database. In ACS you can configure an identity store with a Certificate Authentication Profile which is independend from any directory. In ISE you have to configure a Certificate Authentication Profile with an AD Join Point. Otherwise there is no certificate checking.
Does anybody know, wether this feature is on the roadmap or wether there is a workaround to use certificate-based authentication without external directories?
We only want to check the common name against the user names. There is no need for us to bit compare the certificates.
Greetz
Nico