Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Determining certificate before displaying logon page

kenlars_
Super Contributor
‎09-14-2010 05:48:AM
‎09-14-2010 05:48:AM

Determining certificate before displaying logon page

Is there any way to determine the presence of a certificate - and the contents of the certificate - at the time the custom sign-on page LoginPage.thtml displays? What I would like to do is to change the type of authentication done based on the presence or absence of the cert. So, for example, if a user has a recognized cert, allow only password authentication. If the user does not have a recognized cert, require SecurID authentication. I know how to modify the LoginPage.thtml to show different prompts and to change the realm, but I don't know if I have access to information about the cert at the time the page is displayed. Anyone have any ideas?

Ken

0 Kudos
3 REPLIES 3
muttbarker_
Valued Contributor
‎09-15-2010 04:19:PM
‎09-15-2010 04:19:PM

Re: Determining certificate before displaying logon page

Hey Ken - I am traveling today with no admin access to my box. But this rings a bell with me. I think I did this once using a machine cert, host checker and custom instructions that pointed to another realm. So the user would hit a realm, HC would run and if they "failed" due to no cert they were rerdirected to another login page via the custom instructions which simply pointed to the new realm. Xmpl - hit https://employees.itgmeeting.com - cert test fails and the custom instruction points to https://employees.itgmeeting.com

That is from memory and so I can't be 100% certain but see if that helps you out. I have an office day on Friday and could look at the specifics then if it would be of assistance.

0 Kudos
kenlars_
Super Contributor
‎09-15-2010 06:46:PM
‎09-15-2010 06:46:PM

Re: Determining certificate before displaying logon page

Kevin - I'd appreciate that very much. I'll open a JTAC case, too, but I don't find JTAC typically the place to get information on clever methods to make the SA more useful. Thanks - Ken

0 Kudos
zanyterp_
Respected Contributor
‎09-19-2010 09:32:PM
‎09-19-2010 09:32:PM

Re: Determining certificate before displaying logon page

There is no access to the certificate when LoginPage.thtml is displayed.

You would need to follow the idea presented by muttbarker to do Host Checker requirement on the realm and then allow or deny access to the different realms based on that

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.