Showing results for 
Search instead for 
Did you mean: 

user certificate check - SHA-1

New Contributor

user certificate check - SHA-1

Posting this as could not find a kb article that documents this problem or anything already in the forums
PSC - 8.3R1
Client - 5.3

First factor - active directory credentials
Second factor - Only allow users with a client-side certificate signed by Trusted Client CAs to sign in.

works using a browser
does not work with VPN client

Certificate must be signed using SHA-2
Was hoping all you would need is a trusted certificate but this is not the case.
Hopefully no one else will waste time logging a support case about this as I did.
New Contributor

Re: user certificate check - SHA-1

host checker policy with machine certificate does not require SHA-2 and SHA-1 certs can be used