Helpful ReplyHot!SSL VPN with Client Certificate Authentication

Author
pcguy
New Member
  • Total Posts : 3
  • Scores: 2
  • Reward points: 0
  • Joined: 2020/09/29 00:39:57
  • Status: offline
2020/09/29 01:05:43 (permalink)
0

SSL VPN with Client Certificate Authentication

Hi guys,
 
Our company is implementing SSL VPN with Client Certificate which will authenticate by our Fortigate.
However, many of our company users are not able to login with client certificate. Users with administrator rights have no issue to login.
 
The reason is due to these users do not have administrator rights or read permission to access the client certificate's private key. In Windows Group policy, as I know there is no such settings to grant certain read permission to Certificate's private key.
 
Anyone has any experience or encountered the same challenges while do not want to grant administrator rights to normal users?
 
Thanks!
 
#1
boneyard
Gold Member
  • Total Posts : 266
  • Scores: 14
  • Reward points: 0
  • Joined: 2014/07/30 11:15:18
  • Status: offline
Re: SSL VPN with Client Certificate Authentication 2020/10/04 02:14:13 (permalink)
0
client certificates in the current user store should be accessable without admin rights
#2
pcguy
New Member
  • Total Posts : 3
  • Scores: 2
  • Reward points: 0
  • Joined: 2020/09/29 00:39:57
  • Status: offline
Re: SSL VPN with Client Certificate Authentication 2020/10/06 02:58:28 (permalink)
0
boneyard
client certificates in the current user store should be accessable without admin rights




We are using computer cert as client cert which only accessible by admin rights.
#3
boneyard
Gold Member
  • Total Posts : 266
  • Scores: 14
  • Reward points: 0
  • Joined: 2014/07/30 11:15:18
  • Status: offline
Re: SSL VPN with Client Certificate Authentication 2020/10/10 00:20:33 (permalink)
0
if you can't change that setup then it wont be possible for regular users.
#4
pcguy
New Member
  • Total Posts : 3
  • Scores: 2
  • Reward points: 0
  • Joined: 2020/09/29 00:39:57
  • Status: offline
Re: SSL VPN with Client Certificate Authentication 2020/10/14 19:33:59 (permalink) ☄ Helpfulby boneyard 2020/10/19 08:42:37
5 (1)
We found out there is an option in EMS "Allow Non-Administrators to Use Machine Certificates" which totally solved our issue.
 
Hope can help someone have the same issue.
 
#5
Jump to:
© 2020 APG vNext Commercial Version 5.5