Forum Discussion
Suolon Hu (Copper Contributor)
Sep 21, 2023
Setting up User Certificate based authentication
Hi,
I'm trying to set up certificate-based authentication for both devices and users. I am going through a third party for the CA and was able to set up the connection between the CA and Intune and Entra ID. The device CBA is working and I'm able to sync it with the Company Portal, but the issue I'm having is with the User CBA. I am able to get the user certificate on the laptop, but when I try to sign in using CBA, I get the https://office.com/landingV2 page with the message:
Sorry that didn't work
In the log, I get a Sign-in error code: 65002
Not sure why I'm getting that error as this is a new app registration I created for this.
When I tried to recreate the whole setup again, I got the following error when I tried to log in:
AADSTS50017 | CertificateValidationFailed - Certification validation failed, reasons for the following reasons:
I'm not sure how or where to resolve this.
- BillClarksonAntill (Iron Contributor)
Suolon Hu Have you set up a Certificate Revocation List and published it out so your workstations can find it?
From memory there's permissions you need to set up on the server to auth the CRL out
But check out this page for all the settings and configure for one
- Suolon Hu (Copper Contributor)
Hi Bill, we are not hosting our own CRL server, we're using DigiCert, so I don't think that link applies?