02-19-2012 02:33 AM
I have created a w2k8 r2 certificate authority and a client certificate using sha1 for the root and client Certs. I have issued and exported these certificates and imported them by email to an iPhone and iPad (running 5.0.1) and installed them so they appear as trusted. I downloaded the latest junos pulse client (3.0) for ios but when I start junos pulse and click on certificates option there are no Certs in the list to select. why isn't the client cert there if it is installed and trusted? Is it because I have created the client cert incorrectly? Or is there an incompatibility issue? So currently when I try to login I get 'missing certificate'. Any ideas?
02-19-2012 05:53 AM
Are you seeing the same issue on Windows platforms as well? Do you see any errors in the User Access Logs on the SA?
I hope you have already imported the cert into the Trusted Client CA list on the SA as well.
02-19-2012 08:41 AM
Yes root certificate has been imported into trusted Client CA list. I'm going to try generating different client certificates using different ciphers on the CA to see if that's the issue why they don't appear in the cert list
02-21-2012 10:40 AM
The easiest way to test is install the certificate in firefox or internet explorer and try to authenticate to the SA using the browser. If the certificate does not appear in the browser, then the certificate was issued incorrectly. In most cases, you'll want to make sure the key usage of 'client authentication' is enabled on the end user certificate.
02-22-2012 01:57 PM