cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
761
Views
0
Helpful
3
Replies

certificate issue

igbinosuneric
Level 1
Level 1

hello 

i have a WSA which i have integrated with Active directory 

some user are not in the domain and the client has said they should not be added to the domain 

the issue here is 

we used an in-house certificate authority and used a GPO to push the certificate to domain users

non domain user have to install the certificate every time 

how do i avoid this 

thank guys 

 

 

 

3 Replies 3

Marcel Maeder
Level 4
Level 4

Easy answer: do not use decryption :-)

Workaround: You could create an identity for guests and define in the decryption policy do not decrypt traffic from this identity. You can't have decryption without distributing the signing CA and not getting error messages at the same time.

Hello 

if i configure a pass through function in decryption policy 

Then non of the access policy would work on that identity 

The client wants a policy to govern no domain user 

thank you for the reply Marcel

Hi

Do you have an access policy which matches the non-decrypt identity? What does the policy trace say? And which version are you using?