v5.3 shows all certificates (not only appropriate ...

blazm · ‎01-23-2019

Hi,

I have following "types" of certificates stored on a smart card:

(KU: Key Usage; EKU: Enhanced Key Usage)

#1 - KU: Digital Signature (80), EKU: Client Authentication, Smart Card Logon
#2 - KU: Digital Signature (80), EKU: Secure Email
#3 - KU: Key Encipherment (20), EKU: <notSet>

When using versions of Pulse Desktop client for Windows prior the v5.3, the certificate selector only showed the certificate #1, which should be the only valid choice (EKU: Client Authentication, KU: Digital Signature).

Currently I am using version v5.3.1183 and in this version, the certificate selector is showing all 3 certificates, although only #1 should be shown (#2 has inappropriate EKU, #3 has inappropriate KU).

Is this a known bug in v5.3? Was this fixed in new releases?

Thanks for helping me out!

Blaz

[email protected] · ‎01-26-2019

Sounds like a bug! Please try using 5.3R7 Pulse Client and notice the behavior.

Pulse Connect Secure Certified Expert

zanyterp · ‎02-13-2019

Have you defined only the specific EKU that you want used?
I believe that sounds fine; however, without seeing the log I cannot confirm
As mentioned by [email protected], please open a case for confirmation

v5.3 shows all certificates (not only appropriate ones)

v5.3 shows all certificates (not only appropriate ones)

Re: v5.3 shows all certificates (not only appropriate ones)

Re: v5.3 shows all certificates (not only appropriate ones)