cancel
Showing results for 
Search instead for 
Did you mean: 

Certificate Logon based on Realms ?

Occasional Contributor

Certificate Logon based on Realms ?

Hi,

is it possible to get client certificate authentication based on realms ? ,

without to enable client certificate on the external port

i would like :

user realm 1 = radius authentication logon

user realm 2 = certificate based logon

Thanks

2 REPLIES 2
Valued Contributor

Re: Certificate Logon based on Realms ?

Well you don't enable the client cert on the port. You simply install it under the "Trusted Client CA" component of certificate setup and make sure to enable it for client auth. You then do exactly as you indicated specify the appropriate auth server for each realm. Works without any hiccups.

You can even use your cert-server as primary auth in your realm 2 and then do a secondary against LDAP or whatever for 2-factor.

Highlighted
Frequent Contributor

Re: Certificate Logon based on Realms ?

http://www.juniper.net/techpubs/software/ive/guides/howtos/How_To_Certificates.pdf

The above link could also give you more information on how you can configure the settings.