BACKGROUND I am using an auth server that points to our CA, I have uploaded our CA's root certificate to "Trusted Client CA" and have created a machine certificate realm with a rule that permits multiple (* -or- ANY) certificate from our CA to connect to our VPN. Our machines have a domain certificate issued to each workstation from the CA using the computer template. It is assigned to every workstation via a GPO because RADIUS requires the CA's root certificate for wireless access to occur. As a result, we have both the root CA and a wireless certificate assigned to every device. PROBLEM When the vpn goes to connect, it prompts for a certificate to use. QUESTION How can I craft a rule to only choose a single certificate since under machine authentication you cannot have ANY user input.
... View more