Forum Discussion
NimbostratusCertificate Store Name - Can you have more that one entry
So we have a machine certificate check set up with out SSL VPN APM. Everything works great with pretty much the default. The cert store is set to MY and our devices are all Windows, UNTIL. . . .now they want to add about 10-15 Macbooks. Can you have more that one store name entry? Like
MY or Macbook location
Any insight would be great.
1 Reply
- Kevin_Stewart
Employee
It's sort of odd that the store name text box suggests multiple values, but the corresponding help text does not:
Specifies the certificate store name that the action attempts to match. The certificate store can be a system store with a predefined name like MY, or a user-defined name. The store name can contain alphanumeric characters. The Machine Cert Auth action treats MY as the default store name for both Mac and Windows clients.
For more information about MY, the default store name for personal certificates in Windows, see http://msdn.microsoft.com/en-us/library/aa347693.aspx.
For a Mac client, if you do not want to use the default location, you must type the name of a keychain file. Type only the file name, which is case-sensitive, without a file path. To view keychains, use the security list-keychains command from the Terminal.
My initial guess would be that 1) you should be able to put multiple values here, line delimited, and 2) you may not have to for a default Mac configuration. Here's another great resource that explains the "MY" certificate store:
http://msdn.microsoft.com/en-us/library/windows/desktop/aa388136%28v=vs.85%29.aspx
