problem with machine certificate check...
Hi out there I am going to build me a virtual server for m2m - machine to machine communication where pc's will upload data to a webservice. The inside serverpart have I now running with a kerberos sso policy where I now will replace my http-401 agent with a machine certificate agent - I expect that I can swap this module in but I cannot really find some documentations on this. Can some here either show me a sample or guide? I tried to insert it in my apm policy but I could not get the correct certificate in the machine store. Is it possibly to use the "on demand certificate check" agent instead? this works simple and problem-free but as far as I can see I can only define the current user's personal certificate there - is this correct? best regards /timachine cert auth agent doesn't check on private keys?
hi out there I have still problems with the machine cert auth agent in my apm policy - it seems as if it cannot verify if the the certificate contains the private key or not - I tried to export a certificate with non-exportable private keys and import it again so that no private key exist on the client - the agent still return "1" and lets me pass the authentication successfull even though I would expect that it should return "2" and hereby indicate correct certificate but without private keys what can I do? best regards /ti
machine cert auth agent doesn't check on private keys?
hi out there I have still problems with the machine cert auth agent in my apm policy - it seems as if it cannot verify if the the certificate contains the private key or not - I tried to export a certificate with non-exportable private keys and import it again so that no private key exist on the client - the agent still return "1" and lets me pass the authentication successfull even though I would expect that it should return "2" and hereby indicate correct certificate but without private keys what can I do? best regards /tiproblem with machine certificate check...
Hi out there I am going to build me a virtual server for m2m - machine to machine communication where pc's will upload data to a webservice. The inside serverpart have I now running with a kerberos sso policy where I now will replace my http-401 agent with a machine certificate agent - I expect that I can swap this module in but I cannot really find some documentations on this. Can some here either show me a sample or guide? I tried to insert it in my apm policy but I could not get the correct certificate in the machine store. Is it possibly to use the "on demand certificate check" agent instead? this works simple and problem-free but as far as I can see I can only define the current user's personal certificate there - is this correct? best regards /ti