Showing results for 
Search instead for 
Did you mean: 

SSO with Client Certificate

New Contributor

SSO with Client Certificate


I  have in my company  SA 2500, we work with client certificate.

the problem is, when we work with SSO on files sharing (I work with Autopolicy: Windows Server Single Sign-On)

I have to choose three option:

1. Use System Credentials.

2.Use predefined credentials, then I enter a user name and password (user from the domain )

3.Disable SSO

So, when I use the first option, when I try to reach the resource the IVE ask for Credentials.

but when I use the second option, I reach to the resource successfuly.

I theck with a sniffer and I find out that when I use the first option, the IVE never try to to reach the resource.

and when I use the second option, I can see the request from the IVE to the specific resource.

what can be the problem? I what the IVE use the  client certificate to reach that resource.

  Thx a lot, Elad Rabinovich

Frequent Contributor

Re: SSO with Client Certificate

I'm confused... how does Juniper know the person's username and password for the user on your domain?  You've only given it a client certificate which I'd assume you're using a field that contains their username, but no password.  I'd assume that's why it's not working with System credentials; it's not even bothering to try since it doesn't have a password to send to Windows for authentication.