09-04-2020 02:03 AM - edited 09-04-2020 02:06 AM
Hi,
Has anyone had success with FTD machine certificate based authentication? I have user certificate based authentication working but I cannot get machine certificate based authentication to work. The same Microsoft CA signs both the user and machine certificate. When I launch AnyConnect I get prompted for a certificate to choose, and if I select the user certificate it works. If I choose the computer/machine certificate it fails: Certificate validation failure.
09-04-2020 02:18 AM
Hi,
If the user is not an administrator they do not have access to the machine certificate store, only the user certificate store. You can use the Certificate Store Override option, which allows AnyConnect to access the machine certificate store.
HTH
09-04-2020 03:36 AM
09-06-2020 05:12 PM
I assumed that since I could select the certificate, the AnyConnect client had full access. Running the AnyConnect client as administrator allowed the computer certificate to work.
The Certificate Store Override setting is ticked; however, it still doesn't work without running the client as administrator.