Certificate check two users login with the same certificate.
Recently, I installed a CA on Windows 2008, created a certificate for Pulse Secure 8.1R1, and uploaded the CA as trusted for clients.
Steps that I have taken:
1. Created a realm-level restriction (Only allow users with a client-side certificate signed by Trusted Client CAs...)
2. Created a custom expression like this: user != certDN.serialNumber (to prevent other users from using this certificate)
3. Made a rule using the custom expression for realm users
Now the problem is:
1. user1, the owner of this certificate, logs in on Windows 7 Pro, where my personal certificate has been installed, and is able to log in to Pulse Secure 8.1R1. While user1 is logged in, another person is also able to log in using user1's certificate.
In the Pulse Secure monitoring, I see this: Certificate realm restrictions successfully passed for user2/Users , with certificate '[email protected]
Re: Certificate check two users login with the same certificate.
How are you logging in (AD, LDAP, system local)? Is your serial number in the certificate a name or a number? Does the username you use to log in match the username format for your certificate? Do you have any catch-all rules that would allow the users to log in when the custom rule fails? If you change the custom expression to be true, meaning it has to match to be true, does it fail?