Creating, Importing and Assigning a CA Certificate Bundle
Published Jul 30, 2018
Version 1.0Was this article helpful?
Good question. In a scenario where you configure request versus require, you are potentially allowing a secondary authentication method if the client does not present a client certificate. In the event a client certificate is presented even if it is set to request, the SSL Client profile will validate the certificate was issued by a CA in that bundle. If it was not, it will either deny access or you can configure the VPE to allow another authentication method. If I get around to it, I will provide a VPE screenshot that has this scenario.
If this is an Access Policy that is ONLY configured for non-certificate-based authentication (AD, LDAP, Forms, etc.), this setting is not required.