I'm wanting to create a new connection in a 'Machine or User' setup using certificates. Currently I have 2x certificates in the machine store from my CA which are pretty much identical, so in testing the Pulse Desktop client always asks to select which cert to use, and I guess this will cause the machine auth to fail as it won't know which cert to use. Within the Pulse Secure connection settings under 'certificate matching' I can see 'custom enhanced key usage OID / Text', but this doesn't help me as both are the same in each cert.
Is it possible to use other certificate attributes for matching? In my case I could use Subject CN, OU etc., which are different.
Not sure if this helps, but cert ranking can help identify the cert that is eventually used during machine auth. In ranking, one cert will be chosen, so if you have multiple certs only 1 will be evaluated... you could then have an auth role cert filter matching something in the subject field.