Suolon Hu
Copper Contributor
Sep 21, 2023

Setting up User Certificate based authentication

Hi,

I'm trying to set up certificate-based authentication for both devices and users. I am going through a third party for the CA and was able to set up the connection between the CA and Intune and Entra ID. The device CBA is working and I'm able to sync it with the Company Portal, but the issue I'm having is with the User CBA. I am able to get the user certificate on the laptop, but when I try to sign in using CBA, I get the https://office.com/landingV2 page with the message:
Sorry that didn't work

In the log, I get a Sign-in error code: 65002

Not sure why I'm getting that error as this is a new app registration I created for this.

When I tried to recreate the whole setup again, I get the following error when I tried to log in:

AADSTS50017CertificateValidationFailed - Certification validation failed, reasons for the following reasons:
  • Cannot find issuing certificate in trusted certificates list
  • Unable to find expected CrlSegment
  • Cannot find issuing certificate in trusted certificates list
  • Delta CRL distribution point is configured without a corresponding CRL distribution point
  • Unable to retrieve valid CRL segments because of a timeout issue
  • Unable to download CRL

I'm not sure how or where to resolve this.
