I am trying to set up Odyssey for 802.1x authentication to UAC, using the "Prior to Windows login" option for single sign on. However, the Odyssey client is rejecting the UAC's certificate, even though I have installed all the certificates in the chain under the machine account, as described in
Instead, the logon via the Odyssey tile finally results in
Odyssey Access Client was unable to connect to the network
Reason: Client issued alert 42(bad certificate)
Access point id: User Name:
If I configure the PC to use the Microsoft 802.1x driver, and use Single-sign-on using machine credentials prior to Windows login, and to care about the certificate presented, it does not complain about the offered certificate.
The details are:
Odyssey UAC Edition v 5.40.19633.0
Windows 7 Enterprise SP1
UAC (IC6500) 4.2R3 (build 19633)
Any ideas on what is going on and how to fix it?
Secondarily, is there any way to get Odyssey to log the attempt? I can do it from the Odyssey GUI once I am already logged in, of course, but how can I get it to log the events prior to login?
Any help gratefully accepted.
Solved! Go to Solution.
Found the problem. I had not configured the trust under Odyssey Access Client Manager ... Initial Settings ... Trusted Servers.
Also, if we configure Odyssey to connect after Windows logon, we get no such error. I have checked that the certificates held in the machine account are the same ones as in the user account. Why would the machine reject the certificate if the user process doesn't?
...and if I disable server verification in the initial profile, all goes well.