certificate check
1 TopicMachine Certificate Check - why does it fail?
Hi, I am trying to implement machine certificate check for Edge Client users. The machine certificate is stored in the default MY store and I assume I have configured the APM action correctly with: MY / LocalMachine / CA Bundle / YES to right elevation prompts. The connection fails always on machine certificate check with these entries in APM log: debug /Common/ap_edge_client:Common:4d76a881: MachineCert agent: ENTER Function executeInstance info /Common/ap_edge_client:Common:4d76a881: Executed agent '/Common/empty_act_machinecert_auth_ag', return value 0 info /Common/ap_edge_client:Common:4d76a881: Following rule 'fallback' from item 'Machine Cert Auth' to item 'Log F' info /Common/ap_edge_client:Common:4d76a881: Session variable 'session.check_machinecert./Common/empty_act_machinecert_auth_ag.result' set to '-2' info /Common/ap_edge_client:Common:4d76a881: Session variable 'session.check_machinecert.last.result' set to '-2' Edge client log file contains these entries: 0,2018-08-09,11:04:34:936,APPCTRL,7384,8484,Starting pending session ID: 4d76a881 48,2018-08-09,11:04:35:431,APPCTRL,7384,8484,URL: https:///my.policy 48,2018-08-09,11:04:36:330,APPCTRL,7384,8484,Cookie MRHSession not set 1,2018-08-09,11:04:36:498,APPCTRL,7384,8484,Authentication failure 1,2018-08-09,11:04:36:498,APPCTRL,7384,8484,Authentication failed - redirect (0x80070005) 0,2018-08-09,11:04:36:498,APPCTRL,7384,8484,Failed to establish session 4d76a881 I set the logging levels for this APM policy to debug for everything, but still none of the logs tell me what could be causing the problems. Is it my VPE action setting, is it perhaps something with CA, or the client rights? How should I identify the root cause here? What more can I do more to troubleshoot beside trying every possible set of settings in the APM machine certificate check action? Any help really appreciated! thx.2.9KViews0likes17Comments