Has anyone had success with FTD machine certificate based authentication? I have user certificate based authentication working but I cannot get machine certificate based authentication to work. The same Microsoft CA signs both the user and machine certificate. When I launch AnyConnect I get prompted for a certificate to choose, and if I select the user certificate it works. If I choose the computer/machine certificate it fails: Certificate validation failure.
If the user is not an administrator they do not have access to the machine certificate store, only the user certificate store. You can use the Certificate Store Override option, which allows AnyConnect to access the machine certificate store.
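Where the option named in the answer sits in an AnyConnect client profile, shown as an added example that is not part of the original thread. The profile below is a minimal constructed one; it assumes a Windows client, and any other settings in your existing profile stay as they are.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Constructed minimal profile: only the certificate-store settings are shown. -->
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/"
                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                   xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd">
  <ClientInitialization>
    <!-- Which Windows store the client searches for a client certificate.
         All     = user store and machine store
         User    = current user's store only
         Machine = local machine store only (use this to force the machine certificate) -->
    <CertificateStore>Machine</CertificateStore>

    <!-- false = a non-administrator's session cannot use certificates in the
                 machine store, so only user certificates are usable.
         true  = the client may search the machine store even when the
                 logged-on user has no administrative rights. -->
    <CertificateStoreOverride>true</CertificateStoreOverride>
  </ClientInitialization>
</AnyConnectProfile>
```

With `CertificateStore` set to `Machine`, the user certificate is no longer offered, so leave it at `All` if both kinds of certificate must remain selectable.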