So I did a search and it came up with a lot of information, but none of it has helped me so far.
As one of the host checks, I am trying to validate that the computer has a valid machine cert issued by our internal CA.
I have imported the whole chain, from our root CA down to the CA that is issuing machine certs, into System -> Configuration -> Certificates -> Trusted Client CAs.
On the machine (Windows 7) the cert is at Certificates (Local Computer) -> Personal -> Certificates.
When I run a check for this host checker policy, which basically says to pass if the cert is issued by either of our internal CAs, I get the following error:
'Machine certificate validation failed (3); Machine certificate was not found'
Any help will result in kudos.
Your config is correct. Also, the error message you are getting indicates that the actual machine certificate checks are happening but failing. You may want to open a JTAC case to get to the bottom of it.
One other thing: the '3' in your error message indicates the check may be failing due to CRL-related issues. Can you check your CRL settings and also check the SA event log for any CRL download failure messages?
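The two things this reply asks the poster to confirm, that a certificate from the internal issuing CA actually sits in Local Computer -> Personal with a private key, and that its chain validates when CRLs are fetched, can be checked on the Windows 7 client itself before involving the SA. The script below is an added example and not part of the original thread or of any Juniper/Pulse tooling; it uses the .NET X509Chain class that is already present on Windows 7. The issuing CA name ("Contoso Issuing CA") is an assumption and must be replaced with the subject of the CA that signed the machine cert.

```powershell
# Added example (not from the thread): enumerate Local Computer > Personal certs,
# keep the ones issued by the internal issuing CA, confirm the Client Authentication
# EKU is present, and build the chain with ONLINE revocation checking so that a
# CRL that cannot be downloaded shows up as a chain status rather than a silent pass.
# Assumption: the issuing CA subject contains "Contoso Issuing CA" - replace with yours.
$IssuerPattern = 'Contoso Issuing CA'
$ClientAuthOid = '1.3.6.1.5.5.7.3.2'   # id-kp-clientAuth

$certs = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Issuer -match $IssuerPattern -and $_.HasPrivateKey }

if (-not $certs) {
    # This is the "Machine certificate was not found" case from the host checker's
    # point of view: nothing in LocalMachine\My matches the configured issuer.
    Write-Warning "No certificate issued by '$IssuerPattern' with a private key in LocalMachine\My"
    return
}

foreach ($cert in $certs) {
    Write-Host "Subject : $($cert.Subject)"
    Write-Host "Issuer  : $($cert.Issuer)"
    Write-Host "Expires : $($cert.NotAfter)"

    # Enhanced Key Usage (2.5.29.37) should include Client Authentication.
    $eku = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' }
    $hasClientAuth = $false
    if ($eku) {
        $hasClientAuth = [bool]($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $ClientAuthOid })
    }
    Write-Host "Client Authentication EKU present : $hasClientAuth"

    # Build the chain exactly the way a strict validator would: trusted roots only,
    # and revocation checked online for every certificate below the root.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chain.ChainPolicy.RevocationMode =
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]::Online
    $chain.ChainPolicy.RevocationFlag =
        [System.Security.Cryptography.X509Certificates.X509RevocationFlag]::ExcludeRoot
    $chain.ChainPolicy.VerificationFlags =
        [System.Security.Cryptography.X509Certificates.X509VerificationFlags]::NoFlag

    $ok = $chain.Build($cert)
    Write-Host "Chain builds with online CRL check : $ok"

    # Any non-empty status explains why Build() returned $false; RevocationStatusUnknown
    # or OfflineRevocation here means the CRL could not be fetched from the CDP.
    foreach ($s in $chain.ChainStatus) {
        Write-Host ("  status: {0} - {1}" -f $s.Status, $s.StatusInformation.Trim())
    }
    foreach ($el in $chain.ChainElements) {
        Write-Host "  chain element: $($el.Certificate.Subject)"
    }

    # The CRL Distribution Points (2.5.29.31) are the URLs the SA must also be able
    # to reach when it performs its own CRL check against the client's certificate.
    $cdp = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.31' }
    if ($cdp) { Write-Host "CRL Distribution Points:`n$($cdp.Format($true))" }
}
```

Run it from an elevated PowerShell prompt on the client, since LocalMachine\My private keys are not readable by a standard user. If the chain builds here but the SA still reports the failure, the remaining difference is network reachability of the CDP URLs from the SA, which is what the reply above suggests checking in the SA event log.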
I am in the same boat and would like to know too.
Hey Ifran - just ran a quick test on a Win-7 machine, running against a back-end W2K8 box. I did not have any problems using a realm-level machine cert host check.
Curious - have you validated the server cert by setting up a test realm and doing a login using a certificate for authentication? It's a good way to test your cert chain.
I still cannot get this stupid thing to work.
So far this is how I have everything set up:
1. I have imported my cert chain into System -> Configuration -> Certificates -> Trusted Client CAs, up to the root.
2. Set up a sign-in page at https://x.x.x.x/pulse
3. Set up a sign-in policy that sends me to the pulse realm.
4. In the realm I am not doing any restrictions.
5. There is a role called pulse which has the option to do only Pulse, nothing else.
6. There is a host checker policy called cert where I am looking for Machine Cert -> Machine Certificate, and the only thing checked in there is Criteria, and that is my issuer cert. That is the CA that signed my machine cert. Nothing in the optional section.
7. I have set up primary authentication in the realm PULSE as LDAP.
8. There is a * so that anyone who wants to connect to the pulse realm will get the pulse role if they have the machine cert.
9. Every time I do this I get
10. So when I go to my Pulse client and try to connect, I get the login prompt for LDAP. I type that in and then I get "You are not allowed to login", and of course the reason is no roles, as the host checker policy does not find a machine cert signed by my CA.
Please help, I am thinking there is something really simple I am messing up.
What is the behaviour from a browser?
When I try the browser I get:
Reasons: | Machine certificate validation failed (3) |
The cert Key Usage is:
Digital Signature, Key Encipherment (a0)
Intended Purposes:
Server Authentication, Client Authentication
I bet Juniper does not have access to where the certs are kept.
Anyone?